Banking Supervision and Criminal Investigation PDF

Comparative, European & International Criminal Justice 1
Banking
Supervision
and Criminal
Investigation
Comparing the EU
and US Experiences
Giulia Lasagni
Comparative, European and International
Criminal Justice
Volume 1
Editor-in-Chief
Roberto E. Kostoris, University of Padua, Padua, Italy
Series Editors
Mirjan Damaška, Yale University, New Haven, USA
Juan Luis Gómez Colomer, Jaume I University, Castellón de la Plana, Spain
Giulio Illuminati, University of Bologna, Bologna, Italy
John Jackson, University of Nottingham, Nottingham, UK
Bruce Smith, University of Denver, Denver, USA
Mark A. Zöller, University of Trier, Trier, Germany
Advisory Editors
Lorena Bachmaier Winter, Complutense University of Madrid, Madrid, Spain
Marta Bargis, University of Eastern Piedmont Amedeo Avogadro, Vercelli, Italy
Silvia Barona Vilar, University of Valencia, Valencia, Spain
Mireille Delmas-Marty, Collège de France, Paris, France
Emilio Dolcini, University of Milan, Milan, Italy
Piotr Hofmański, International Criminal Court, The Hague, The Netherlands
Maria Kaiafa-Gbandi, Aristotle University of Thessaloniki, Thessaloniki, Greece
André Klip, Maastricht University, Maastricht, The Netherlands
Raimo Lahti, University of Helsinki, Helsinki, Finland
Renzo Orlandi, University of Bologna, Bologna, Italy
Francesco Palazzo, University of Florence, Florence, Italy
Viorel Pașca, West University of Timișoara, Timișoara, Romania
Paulo Pinto de Albuquerque, European Court of Human Rights, Strasbourg, France
Ulrich Sieber, Max Planck Institute for Foreign and International Criminal Law,
Freiburg, Germany
John A. E. Vervaele, Utrecht University, Utrecht, The Netherlands
Anne Weyembergh, Université Libre de Bruxelles, Brussels, Belgium
James Q. Whitman, Yale University, New Haven, USA
Raúl Zaffaroni, Inter-American Court of Human Rights, San José, Costa Rica
Associate Editors
Michele Caianiello, University of Bologna, Bologna, Italy
Marcello Daniele, University of Padua, Padua, Italy
Michele Papa, University of Florence, Florence, Italy
Pier Paolo Paulesu, University of Padua, Padua, Italy
This book series focuses on criminal justice from multiple perspectives. In particular,
it addresses three main areas:
–– Comparative issues, including historical ones, in order to highlight the common
roots of criminal justice in common and civil law systems, both past and
present.
–– European issues, in order to raise awareness of the link between national and
transnational levels, in the perspective of the European Union law and the
European Convention on Human Rights law, in the area of criminal justice,
namely focusing on the protection of fundamental rights and on judicial and
police cooperation.
–– International issues, namely those related to the functioning of the International
Criminal Court and of the other international criminal tribunals, but also in
regard to international human rights courts.
The book series addresses the phenomenon of criminal justice with a particular, but
not exclusive, focus on procedural aspects, from a multidisciplinary perspective –
an essential approach in today’s globalized world.
It provides academic readers with authoritative and timely debates on the emerg-
ing issues of criminal justice, and also offers judges and lawyers useful indications
and suggestions.
More information about this series at http://www.springer.com/series/16095

Giulia Lasagni
Banking Supervision
and Criminal Investigation
Comparing the EU and US Experiences
Giulia Lasagni
University of Bologna
Bologna, Italy
ISSN 2524-4558 ISSN 2524-4566 (electronic)

Comparative, European and International Criminal Justice
ISBN 978-3-030-12160-0 ISBN 978-3-030-12161-7 (eBook)
https://doi.org/10.1007/978-3-030-12161-7
© Springer International Publishing Switzerland and G. Giappichelli Editore 2019

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of
the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,
broadcasting, reproduction on microfilms or in any other physical way, and transmission or information
storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology
now known or hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication
does not imply, even in the absence of a specific statement, that such names are exempt from the relevant
protective laws and regulations and therefore free for general use.
The publisher, the authors, and the editors are safe to assume that the advice and information in this book
are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the
editors give a warranty, express or implied, with respect to the material contained herein or for any errors
or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims
in published maps and institutional affiliations.
This Springer imprint is published by the registered company Springer Nature Switzerland AG.
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland
Contents
1 Introduction �� 1
References �� 5
Part I Mapping the Boundaries of an Intricate Playing-Field

2 Finding the Way in a Complex Multi-Level Legal Framework �� 9
2.1 The Definition of “Bank” and “Financial Institution” �� 10
2.2 Criminal Liability of Legal Persons: A Brief Overview �� 20
2.3 The Interaction Between Administrative and Criminal Matter �� 24
2.3.1 Managing the Risk of Transnational Bis in idem: Double
Jeopardy Clause in the US Federal Legal System �� 31
2.3.2 Ne Bis In Idem Protection in the European Convention
on Human Rights �� 41
2.3.3 Enforcing the Principle of Ne Bis In Idem in the EU �� 50
2.3.4 Gathering Information Within Multi-Disciplinary
Cooperation Networks �� 66
2.4 Methodology: Transversal Comparative Approach Applied
to a Complex and Hybrid Legal Framework �� 71
References �� 74
3 Strengthening Financial Investigation and Supervision
at the International Level �� 85
3.1 The Essential Role of Self-Regulatory Bodies �� 86
3.2 The Financial Action Task Force: Administrative Financial
Supervision and Criminal Investigative Measures �� 89
3.3 Financial Intelligence Units and the Egmont Group �� 93
3.4 Ensuring Common Standards Against Financial Crime
at Regional Level: The Council of Europe �� 98
3.5 Ensuring Effective Banking Oversight: The Basel Committee
on Banking Supervision �� 100
v
vi Contents
Part II Criminal Profiles in Banking Supervision

4 The Institutional Design of EU Banking Supervision �� 109
4.1 From the Financial Crisis to the Banking Union �� 110
4.2 The European Supervisory Authorities �� 115
4.3 Sanctioning Powers in the Single Rulebook: Relevant Provisions
of the IV and V Capital Requirement Directive �� 118
4.4 Banking Supervision in the Eurozone: The Single Supervisory
Mechanism �� 121
4.4.1 SSM Supervisory Powers �� 127
4.4.2 SSM Sanctioning Powers �� 130
4.4.3 SSM Investigations and Procedures �� 137
5 The US Regulatory Framework of Banking Supervision �� 147
5.1 Collapse of a System: Deregulation and Financial Crisis
in a Complex Supervisory Framework �� 147
5.2 The Federal Reserve �� 151
5.3 Other US Regulatory Agencies (FDIC, OCC, SEC) �� 153
5.4 The 2010 Dodd-Frank Act: Impact and Waves
of Counter-Reform �� 156
6 The Hybrid Nature of Banking Supervision �� 161
6.1 Banking Supervision and the BCBS Core Principles: Defining
Effective Supervisory Models? �� 162
6.1.1 Independence and Accountability of Banking
Supervisors �� 165
6.1.2 Dissemination of Collected Information and Investigative
Overlapping in the US Regulatory Framework �� 174
6.1.3 Dissemination of Collected Information Within
the Single Supervisory Mechanism: Overview of Main
Critical Issues �� 177
6.2 Banking Supervisory Sanctions in the EU: A New Field
of Criminal Law? �� 184
6.3 Fair Trial Guarantees and Banking Supervision: The Right
to an Independent Tribunal �� 197
6.3.1 The Right to an Impartial Tribunal �� 202
6.3.2 The Principle of Equality of Arms: Right to Be Heard,
and Right of Access to Files �� 207
6.3.3 Right to a Full Judicial Review �� 219
6.3.4 Right of Legal Assistance and Right to a Public
Hearing �� 231
6.3.5 The Privilege Against Self-Incrimination �� 235
Contents vii
6.3.6 The Right to Remain Silent in the SSM Legal

Framework �� 257
6.3.7 The Protection from Bis In Idem �� 265
Part III Banking Criminal Investigations

7 Real-Time Monitoring of Banking Data: State of Play �� 285
7.1 Banking Investigative Techniques and the Residual Role of Bank
Secrecy Law �� 286
7.2 Measures (i) and (ii): Access to Banking Information and Past
Transactions �� 291
7.3 Measures (iii): Real-time Monitoring of Banking Data �� 295
7.4 Measures (iv): Freezing of Banking Accounts
(Brief Overview) �� 299
7.5 Real-time Monitoring of Banking Data in the EU �� 300
7.6 Real-time Monitoring of Banking Data in the US �� 308
7.6.1 Court Order �� 309
7.6.2 Judicial or Grand Jury Subpoena �� 311
7.6.3 Administrative Subpoena or Summons �� 313
7.6.4 Probable Cause Search Warrant �� 314
8 Introducing a Regulation on (Banking) Data Surveillance
in the EU: Some Proposals �� 327
8.1 Identifying the Fundamental Right(s) Affected by Real-Time
Monitoring of Digital (Banking) Data �� 327
8.2 Defining Procedural Rules for the Surveillance of Personal
(Banking) Data �� 339
8.3 Right to an Effective Remedy: The Authority in Charge
of Real-Time Monitoring of Banking Records �� 352
9 Conclusion �� 359
9.1 The Compliance with Fair Trial Rights in the Single Supervisory
Mechanism �� 361
9.2 The Protection of Fundamental Rights (Right to Privacy) in the
Surveillance on Personal (Banking Digital) Data �� 364
Abbreviations
States
AT Austria
BE Belgium
BG Bulgaria
HR Croatia
CY Cyprus
CZ Czech Republic
DK Denmark
EE Estonia
FI Finland
FR France
DE Germany
HU Hungary
IE Ireland
IT Italy
LV Latvia
LT Lithuania
LU Luxembourg
MT Malta
NL The Netherlands
PL Poland
PT Portugal
RO Romania
SK Slovakia
SI Slovenia
ES Spain
SE Sweden
UK United Kingdom
US United States
ix
x Abbreviations
Other Abbreviations
ABoR Administrative Board of Review

ACHR American Convention on Human Rights
AML Anti-Money Laundering
BCFP Bureau of Consumer Financial Protection
BHC Bank Holding Company
BRRD Banking Recovery and Resolution Directive
BSA Bank Secrecy Act
BU Banking Union
CFMA Commodity Futures Modernization Act
CFREU Charter of Fundamental Rights of the European Union
CFT Countering the Financing of Terrorism
CJEU Court of Justice of the European Union
CONSOB Commissione Nazionale per le Società e la Borsa
CRA Community Reinvestment Act
CRD Capital Requirements Directive
CRR Capital Requirements Regulation
DOJ Department of Justice
DGS Deposit Guarantee Scheme
EBA European Banking Authority
ECB European Central Bank
ECHR European Convention on Human Rights
ECtHR European Court of Human Rights
EDIS European Deposit Insurance Scheme
EIO European Investigation Order
EIOPA European Insurance and Occupational Pensions Authority
EPPO European Public Prosecutor’s Office
ESA European Supervisory Authority
ESFS European System of Financial Supervision
ESMA European Securities and Markets Authority
FATF Financial Action Task Force
FBI Federal Bureau of Investigation
FDIC Federal Deposit Insurance Corporation
Fed. R. Crim. P. Federal Rules of Criminal Procedure
Fed. Res. Federal Reserve
FFIEC Federal Financial Institutions Examination
FinCEN Financial Crimes Enforcement Network
FIU Financial Intelligence Unit
FSB Financial Stability Board
FSOC Financial Stability Oversight Council
GRECO Group of States Against Corruption
HOSSP Hawala and Other Similar Service Providers
IT Information Technology
Abbreviations xi
JIT Joint Investigation Teams

JST Joint Supervisory Team
MONEYVAL Committee of Experts on the Evaluation of Anti-Money
Laundering Measures and the Financing of Terrorism
NCA National Competent Authority
NRA National Resolution Authority
OCC Office of the Comptroller of the Currency
OLAF Office européen de Lutte Antifraude
OTS Office of Thrift Supervision
SAR Suspicious Activity Report
SCA Stored Wire and Electronic Communications and
Transactional Records Access Act
SEC Securities and Exchange Commission
SRF Single Resolution Fund
SRM Single Resolution Mechanism
SSM Single Supervisory Mechanism
SSM FR SSM Framework Regulation
SSM R SSM Regulation
TBTF Too-Big-To-Fail
UFIRS Uniform Financial Institutions Rating System
UN United Nations
USA PATRIOT ACT Uniting and Strengthening America by Providing
Appropriate Tools Required to Intercept and Obstruct
Terrorism Act
USSC US Supreme Court
Chapter 1
Introduction
Financial transactions are a crucial element in the undertaking of criminal investiga-

tions, especially (but not exclusively) in their increasingly globalized dimension.
Access to banking records and following the financial paper (or today, rather
digital) trail have become imperative operations to effectively combat quite an
extensive range of offences, starting from the very core from which financial inves-
tigative techniques have been developed—mainly money laundering, organised
crime and terrorist financing—and progressively involving other forms of serious
crimes, such as corruption, tax fraud, obstruction of public procurement or grant
procedures, market abuse, human trafficking, or cybercrime. Often carried out in
parallel to traditional fact-finding criminal inquiries, financial investigations con-
sists in those techniques which allow to chase the “movement of money during the
course of criminal activity” (i.e. when the money is received, where it is stored or
deposited),1 and to identify and trace beneficiaries, as well as the material benefit
acquired (also through third persons) by the criminal offence.2
Dealing today with banking investigations and financial investigative techniques,
however, means dealing with much more extended implications than it perhaps
entailed only a few decades ago.
Indeed, financial transactions are regularly carried out on a globalized dimen-
sion, while the development of financial investigative techniques is still far from
being characterized by an adequate level of commonality at transnational level, and
rules and regulations are still highly varying from country to country.
Financial investigations, therefore, currently represent a forefront arena—both at
the national, and at the international level—where fundamental rights are remark-
ably and increasingly tested in their capability to keep pace with the development of
FATF (2012), p. 3.

1
Golobinek (2006), p. 7; AA.VV. (1988); Adinolfi et al. (2006); Flick (1988).
2
© Springer International Publishing Switzerland and G. Giappichelli Editore 2019 1

G. Lasagni, Banking Supervision and Criminal Investigation, Comparative,
European and International Criminal Justice 1,
https://doi.org/10.1007/978-3-030-12161-7_1
2 1 Introduction
digital technology, the existence of multi-level systems, and an extended use of

administrative punitive powers.3
This supranational dimension is even more evident once considering that bank-
ing records are today mostly represented by digital data, the treatment of which is
often not only lacking common standards, but also deficient within a fair number of
national legal systems.4
Moving from these assumptions, the developing of banking investigation has
ultimately come across an unprecedented degree of debate and discussion at aca-
demic, legislative and (progressively) judicial level, whose results are likely to influ-
ence criminal law and procedure far beyond the mere field of financial crimes.
Two in particular are the cutting-edge profiles where, in the last few years, tradi-
tional banking criminal investigations are increasingly and irretrievably challenged
in their national-based, analogous and mono-disciplinary dimension: The conferral
to administrative (often supranational) supervisors of severe punitive powers of
potentially criminal nature, and the application of intrusive surveillance criminal
investigative techniques, like the real-time monitoring of banking records, often in
lack of adequate fair trial guarantees.
In a comparative perspective between the EU and the US, this work examines
both profiles driven by two leading questions: (a) What is in this field a balance
between the need to fight crimes and that of protecting human fundamental rights
which can be fairly accepted in a democratic society?, and (b) under this perspec-
tive, is the current legal framework in the EU adequate? If not, what can be done
about it?
Under the first profile, the notable investigating and above all sanctioning powers
applicable by supranational banking regulators has opened a series of critical issues
on the independency and accountability of such supervisors in the field of banking
investigations, and, especially in Europe, also on the substantial (administrative or
criminal) nature of supervisory penalties, due to the autonomous and non-formalistic
approach developed for the definition of matière a coloration pénale by the European
Court of Human Rights and the Court of Justice.5
Under the second profile, digital technical development and massive production
of data are increasingly leading to integrate legal sources imposing reporting obliga-
tions of suspicious activities upon credit institutions,6 with forms of real-time or
3
Bradley (2014), 271 et seq.
4
Cf. Sect. 7.5–7.6.
5
Which will be analysed in Part II of this work (Chaps. 4, 5, and 6).
6
Periodical reporting obligations–generally addressed towards relevant supervising administrative
regulators, or if the irregularities reasonably show hints of undergoing criminal activity, extended
also towards judicial or law-enforcement authorities–are imposed both in the US (by the Currency
and Foreign Transactions Reporting Act of 1970, commonly referred to as the “Bank Secrecy Act”
or “BSA,” P.L. 91-508, codified at: 31 U.S.C. § 5311-5314e, 5316-5331, 5332e; 12 U.S.C. §
1829b, 1951-1959e) and in the EU (by the AML/CFT Directive, recently approved in its fifth ver-
sion, see Directive (EU) 2018/843 of 30.05.2018 on the prevention of the use of the financial sys-
tem for the purposes of money laundering or terrorist financing). While the existence of reporting
obligations is a firmly established reality in most countries against money laundering, or financing
1 Introduction 3
surveillance techniques more consistent with the non-linear structure of our glo-
balised society (also in its criminal dimensions).
Analysing in which cases, and under which conditions, real-time monitoring of
banking records may apply, represents today both a fundamental step for the devel-
opment of banking criminal investigations against the need to protect fundamental
rights like the right to privacy, and a task which cannot be further postponed: Indeed,
while legal scholars and international actors are debating about the legitimacy of the
use of these highly intrusive surveillance measures, the latter are already applied,
with uncertain legal basis, in numerous countries by prosecutors, law-enforcement
and—with different but not less worrying implications—several private commercial
companies.7
To examine such complex, but at the same time crucial topics and trying to
answer to the two aforementioned leading questions, this work is structured as
follows.
Part I (Chaps. 2 and 3) lays the foundation for the following analysis developed
in Part II and III.
Chapter 2 maps the boundaries of the matter under examination, identifying
some bedrocks which will be a constant reference in the examination on the compli-
ance of the European Central Bank’s investigative and sanctioning powers with fair
trial rights, and on the protection of privacy and defence rights in real-time monitor-
ing of banking records. These fundamental issues first concern the very definition of
“financial institution”, a step especially relevant in an age of service dematerializa-
tion, where the assets of financial non-banking credit activities (the so-called
“shadow banking”) already represents “about half the size of the regulated banking
system”.8
Moreover, in the financial field (but increasingly in other relevant areas too, such
as privacy, or environmental protection) applicable legal bases are today often pro-
duced by multiple actors, which differ from each other in their origin (independent,
governmental) and nature (administrative, judicial, hybrid), and which have differ-
ent, and though frequently overlapping investigative, regulatory and enforcement
powers. These actors compose a legal framework whose complexity shall be taken
in due account in any legal analysis on banking investigation. In this sense, a special
focus will be put on the efficiency of multi-disciplinary cooperation networks, and
the transnational application of the ne bis in idem principle.
of terrorism, the possibility of extending their scope to investigate over other criminally relevant
transnational conducts, such as tax frauds or cybercrime, is still highly controversial.
7
Which will be analysed in Part III of this work (Chaps. 7 and 8).
8
In 2012 they “accounted for EUR 53 trillion, mainly concentrated in Europe (around EUR 23
trillion) and in the United States (around EUR 19.3 trillion)”, cf. European Commission,
Explanatory Memorandum-Proposal for a Regulation of the European Parliament and of the
Council on reporting and transparency of securities financing transactions, Brussels, 29.1.2014
COM(2014) 40 final, p. 1. The Financial Stability Board (FSB) defines the shadow banking system
as “credit intermediation involving entities and activities (fully or partially) outside the regular
banking system”, cf. FSB (2014); see also Weber et al. (2014), p. 171 et seq.
4 1 Introduction
Chapter 3 proposes a recollection of the main actors active in the field of finan-
cial and banking investigations at the international level, whose powers are
particularly relevant for the development of policies of financial criminal justice in
the EU and in the US, such as the Financial Action Task Force, and the Basel
Committee on Banking Supervision. This will help tracing the general framework
from which most domestic financial regulations derive, and identifying the funda-
mental parameters that banking oversight mechanisms shall maintain in compliance
with.
Part II (Chaps. 4, 5 and 6) analyses the criminally relevant profiles of banking
supervision in the EU and in the US. Chapter 4 illustrates the main legal and insti-
tutional changes brought in the Eurozone by the Banking Union, with a specific
focus on the banking investigating and sanctioning powers conferred since late 2014
to the Single Supervisory Mechanism, as part of the European Central Bank. In
particular, it will be analysed the possibility for this Mechanism to impose punitive
penalties, and the extent of the applicable procedural rules and safeguards. In a
comparative perspective, Chap. 5 delineates the main traits of the US banking
supervisory system after the last financial crisis, illustrating relevant competent
authorities, as well as their investigative and sanctioning powers.
In Chap. 6, the status, organization and powers of the US and EU supervisory
authorities are analysed, first against the Basel Committee’s Core Principles, with
special attention to the rules requiring independence and accountability, as well as
effectiveness in cooperation and exchange of information. These profiles indeed
result extremely meaningful also under a criminal law perspective, since their viola-
tion may already undermine at the very bases the possibility for banking supervisors
to comply with fair trial guarantees. The substantive nature of the penalties impos-
able by the Single Supervisory Mechanism is then analysed in light of the Engel
case-law, as developed by the Court in Strasbourg and applied by the Court of
Justice. Following the assumption that a significant part of those sanctions shall be
recognized a punitive nature, the Chapter analyses the fairness of the SSM sanction-
ing proceedings in light of the fundamental fair trial rights established by the Charter
of Fundamental Rights of the European Union and by the European Convention on
Human Rights, highlighting potential profiles of structural non-compliance.
Lastly, Part III (Chaps. 7 and 8) examines the theme of banking criminal investi-
gations, and in particular of surveillance or real-time monitoring of banking data.
Chapter 7 deals with the theme of criminal banking investigations, identifying
different investigative measures and focusing in particular on real-time monitoring
of banking data. In the Chapter, it is argued why establishing a proper regulation on
the matter is increasingly necessary, especially in the banking and financial sector,
where currently fundamental rights pay for the lack of adequate legal basis. To
explain so, a reconstruction of the (scarce) applicable legal basis for this investiga-
tive technique will be provided with regard to both the EU and the US legal
systems.
Against the composite framework, Chap. 8 concludes the present work, intro-
ducing some proposals on the key features that should characterize an EU regula-
tion on banking data surveillance, starting from the identification of the fundamental
References 5
rights at stake, above all, the right to privacy. Accordingly, basic procedural stan-
dards and safeguards are highlighted, that shall apply when such surveillance tech-
niques are implemented (at least) in criminal proceedings, including considerations
over which authority should authorize the use of real-time monitoring of banking
records.
References
AA.VV. (1988) Metodologie e Strumenti per le indagini bancarie e patrimoniali, Trevi 4-5-6
dicembre 1987, in Quad. C.S.M., anno 3, n. 19, ottobre 1988
Adinolfi M, Di Gregorio C, Mainolfi G (2006) Le Transazioni Finanziarie Sospette e il Contrasto
al Terrorismo: Controlli e Adempimenti. Bancaria Editrice, Roma
Bradley C (2014) Breaking up is hard to do: the interconnection problem in financial markets and
financial regulation, a European (banking) union perspective. Tex Int’I LJ 49:271–295
FATF (2012) Operational issues - financial investigations guidance, July 2012. http://www.
fatf-gafi.org/media/fatf/documents/reports/Operational%20Issues_Financial%20investiga-
tions%20Guidance.pdf. Accessed 15 July 2018
Flick GM (1988) Informazione bancaria e giudice penale. Presupposti di disciplina. Problemi e
prospettive, in Banca e Borsa 4-5:441–472
FSB (2014) Transforming shadow banking into resilient market-based financing, an overview of
progress and a roadmap for 2015, 14 November 2014. http://www.fsb.org/wp-content/uploads/
shadow_banking_overview_of_progress_2015.pdf. Accessed 15 July 2018
Golobinek R (2006) Financial investigations and confiscation of proceeds from crime. Council
of Europe - training manual for law enforcement and judiciary, August 2006. https://rm.coe.
int/16806ef391. Accessed 15 July 2018
Weber RH, Arner DW, Gibson EC, Baumann S (2014) Addressing systemic risk: financial regula-
tory design. Tex Int’I LJ 49:149
Part I
Mapping the Boundaries of an Intricate
Playing-Field
Chapter 2
Finding the Way in a Complex Multi-Level
Legal Framework
It is not unlikely for a criminal-law jurist who approaches the matter of banking
and financial investigation for the first time to report an impression of mild
bewilderment.
Indeed, although representing a vital and extremely relevant part of criminal
investigations, as shown for instance, by the last financial crisis, several are the pro-
files in this field which venture beyond the boundaries of traditional criminal law
and procedure. Due to the globalization of financial services, dealing with banking
investigations today means dealing not only with the rules established in this matter
under criminal law, but also under banking, financial and administrative regulation:
It is in fact precisely in these sectors that suspicions of a crime or information that
often become crucial evidence in criminal proceedings are first identified and
collected.
Such an approach becomes then pivotal in those legal contexts, like the EU,
where against a broad definition of “criminal matter”1 complex supervisory and
sanctioning powers are into place.2 This (to date) unavoidable entanglement is fur-
ther complicated by the fact that this matter is no longer regulated exclusively, or
even mostly by national legislation or case-law, but involves the contemporary
action of several international and supranational bodies in the definition of the
applicable legal basis.
To find the way in this intricate legal labyrinth, it is therefore necessary to start
this work mapping the boundaries of the matter under examination, and identifying
some bedrocks which will be a constant reference in the following analysis, con-
cerning the compliance of the new European Central Bank’s investigative and sanc-
tioning powers with fair trial rights, and the protection of privacy and defence rights
in real-time monitoring of banking records.
See below, Sect. 2.3.

1
Cf., e.g., Franssen and Ligeti (2017), p. 1 et seq.

2

https://doi.org/10.1007/978-3-030-12161-7_2
10 2 Finding the Way in a Complex Multi-Level Legal Framework
In order to do so, the Chapter proceeds as follows: Sect. 2.1 circumscribes the
scope of the research, selecting—in the vast panorama of financial operators—those
which will be analysed further in the inquiry over the new frontiers of banking
investigations. To this aim, clarifications will be provided on the difference existing
between financial and credit institutions, and on the increasingly prominent role
played by alternative forms of financing, such as e-currency or Hawala.
Section 2.2 offers a brief recollection of the state of play concerning criminal
liability of legal persons in the EU and in the US. Although not being the main sub-
ject of this work, status of legal entities—that highly varies according to national
rules and legislation—represents a necessary basis to be considered in banking
investigations, especially when it comes to define the procedural rights (that should
be) recognized to these subjects.
Section 2.3 explains the (by now unavoidable) interaction between administra-
tive and criminal matters, a trend that increasingly requires dealing with administra-
tive forms of investigation and sanctioning, such as banking supervision, also under
a criminal law perspective. In this sense, the analysis deals with two general phe-
nomena whose weight in shaping any form of national and international criminal
policy (including the definition and attribution of specific financial investigative
powers) is increasingly-growing: The often-unpredictable role of cooperation net-
works, and the persistent failure to find a shared and effective management of the
risks deriving from violations of the principle of ne bis in idem.
Lastly, Sect. 2.4 presents the methodology and the comparative approach applied
in the research, explaining the peculiarities of carrying out a comparative analysis
including multi-level legal orders and especially the EU, a system whose potentially
federal legal structure is still a work in progress.
2.1 The Definition of “Bank” and “Financial Institution”
A first step to circumscribe the target of this research is to define which are the sub-
jects involved in banking inquiries, beginning with an investigation on the very
concepts of “credit institution” (or “bank”), and “financial institution”.
These terms, in fact, are given specific technical meanings that differ according
to the legal order involved: In the EU and in the US, in particular, the notion of
“financial institution” is only partially overlapping. For instance, while in the US
the definition includes also public institutions when exercising powers related to a
series of listed financial businesses, both at the federal and at local level,3 a similar
provision is not provided for in the EU legislation, which takes into account only the
private sector.
In most cases, however, these notions do not enjoy stable boundaries at the
domestic level either, where the concepts of “bank” and “financial institution” have
notably changed and extended during the last century, not always, as will be
31 U.S.C. § 5312(2), lett. (W).

3
2.1 The Definition of “Bank” and “Financial Institution” 11
described, in a way fully coherent with the risks and the evolution of the financial
markets.
These caveats are relevant not only for academic reasons, but also—and
especially—because they influence the choice on the concrete regulation applicable
to a certain legal entity, and thus (among others) the latter’s legal obligations, and
profiles of administrative and/or criminal liability. The classification of a legal entity
as “credit” or “financial” institution is also often decisive to identify under the com-
petence of which public authorities a certain financial operator falls within, and,
accordingly, which is the kind and the extent of the investigative and/or supervisory
powers that may be exercised against it.
In this sense, starting from a “traditional” situation in which the financial system
was mainly identified in banking-networking, and the most popular investigative
techniques were represented by search and production orders, it could be observed
that most regulations approved in the last decades in financial criminal matter, such
as those concerning Anti-Money Laundering and Countering the Financing of
Terrorism (AML/CFT),4 transnational fraud,5 or market abuse,6 increasingly tend to
expand their scope over both financial and credit institutions (in those contexts in
which the latter are not included in the first category), to face the increasing dema-
terialization, globalisation and fragmentation of the financial markets. At the same
time, the extent of the subjective scope and of the goal pursued by such regulations
often led to conferring (or requiring to confer) to competent authorities identified at
the internal level (not necessarily in judicial or law-enforcement bodies) relevant
intrusive investigating powers not yet recognized, or not yet clearly classified in
national criminal systems, like real-time monitoring (or surveillance) measures.7
In the EU, statutory notions of “credit” and “financial institutions” are provided
for by Regulation No 575/2013, better known as Capital Requirements Regulation
(CRR) recently amended by its second version (CRR II—today only partially
entered into force). CRR represents, together with Directive 2013/36/EU (or Fourth
Capital Requirement Directive-CRD IV also recently amended in its fifth version,
not yet into force),8 a relevant part of the Single Rulebook, the legislative text
4
That is, for instance, the case of the Council of Europe Convention on Laundering, Search,
Seizure and Confiscation of the Proceeds from Crime and on the Financing of Terrorism (CETS
198, Warsaw, 16.05.2005), or of the EU AML directives (see Directive 2018/843, “5th AML
Directive”).
5
Directive (EU) 2017/1371 of 5.07.2017 on the fight against fraud to the Union’s financial interests
by means of criminal law (hereinafter “PIF Directive”).
6
Directive 2014/57/EU of 16.04.2014 on criminal sanctions for market abuse (hereinafter “II
Market Abuse Directive”), and Regulation (EU) No 596/2014 of 16.04.2014 on market abuse
(hereinafter “Market Abuse Regulation”).
7
Cf. Tricot and Martìn (forthcoming). The analysis of the critical issues concerning real-time mon-
itoring of banking data in the EU and in the US is carried out below in Chaps. 7 and 8.
8
Regulation (EU) No 575/2013 of 26.06.2013 on prudential requirements for credit institutions
and investment firms and amending Regulation (EU) No 648/2012 (hereinafter “CRR”), and
Directive 2013/36/EU of 26.06.2013 on access to the activity of credit institutions and the pruden-
tial supervision of credit institutions and investment firms (hereinafter “CRD IV”). CRD IV was
s tanding at the core of the Banking Union project.9 According to CRR, financial
operators are differentiated following the type of pursued financial activities, which,
it should be briefly recalled, are regulated in the EU on the basis of two fundamental
principles: Mutual recognition of financial services, and the home country
principle.
Introduced in 1989 with Directive 89/646/EEC, the so-called Second Banking
Directive,10 mutual recognition in the field of financial activities establishes that a
corporation licenced in a certain Member State may use this single authorization
throughout the whole Union territory to provide the services now listed in Annex I
CRD IV,11 the exercise of which shall be treated in the same manner as national
financial operators by the hosting Member State(s).12
Strictly connected to it, is the home country principle, also introduced by the
Second Banking Directive. According to it, supervision over financial institutions,
banks and branches operating in a Member State different from that of origin, is not
allocated following a strict territorial competence criterion, since those subjects are
kept under the oversight of the authorities of national origin even when operating
abroad.13
Against this background, “financial institutions” are described by Article 4(1)
(26) CRR as undertakings which have the principal goal of acquiring holdings, or
pursuing one or more of certain activities subject to mutual recognition, which do
not include those strictly related to insurance and credit services.14
recently amended by Directive (EU) 2019/878 of 20.05.2019 (“CRD V”), that shall be transposed
by 28.12.2020. CRR will be substituted by CRR II (Regulation (EU) 2019/876 of 20.05.2019)
from 28.06.2021, although a few provisions enter into force earlier. Those already into force and
relevant for the present work will be highlighted in the following analysis.
9
The impact of the Banking Union, with special regard to the creation of new transnational super-
visory (and sanctioning) powers is further analysed in Chap. 4, especially Sects. 4.1 and 4.3.
Highlighting the relevance of such a harmonizing effort, Tröger (2012–2013), p. 208 et seq.
10
Cf. Annex 7, Second Council Directive 89/646/EEC of 15.12.1989 on the coordination of laws,
regulations and administrative provisions relating to the taking up and pursuit of the business of
credit institutions and amending Directive 77/780/EEC.
11
Cf. Annex I, CRD IV, List of Activities Subject to Mutual Recognition: 1. Taking deposits and
other repayable funds. 2. Lending including […] 3. Financial leasing. 4. Payment services […] 5.
Issuing and administering other means of payment […] 6. Guarantees and commitments. 7.
Trading for own account or for account of customers […] 8. Participation in securities issues […]
9. Advice to undertakings on capital structure, industrial strategy and related questions and advice
as well as services relating to mergers and the purchase of undertakings. 10. Money broking. 11.
Portfolio management and advice. 12. Safekeeping and administration of securities. 13. Credit
reference services. 14. Safe custody services. 15. Issuing electronic money.
12
For the concept of “EU passporting” see also Haentjens and De Gioia-Carabellese (2015), p. 9.
Tröger (2012–2013), p. 203 et seq.; Montedoro, Supino (2018), p. 86 et seq.
13
Cf. Article 13, Second Council Directive 89/646/EEC, and Article 3, First Council Directive
77/780/EEC of 12.12.1977 on the coordination of the laws, regulations and administrative provi-
sions relating to the taking up and pursuit of the business of credit institutions.
14
And precisely those listed “in points 2 to 12 and point 15 of Annex I” CRD IV. Cf. also Article 1,
First Council Directive. According to CRR II (in this part entered into force since 27.06.2019) also
“other than a pure industrial holding company”.
From that it derives, that in the EU “banks”—identified stricto sensu as those

undertakings the business of which is to take deposits or other repayable funds from
the public, and to grant credits for their own account15—are not included in the cat-
egory of “financial institutions”. Similarly, insurance undertakings, insurance
holding companies and mixed-activity insurance holding companies, that belong
and are active in the financial market, are not considered “financial institutions”
either.16
On the contrary, a much broader definition of “financial institution” may be
found in the US Code, which provides for a copious list of operators under that
label, applying a functional approach. In particular, 31 U.S.C. § 5312 encompasses
not only credit institutions (listed as: Insured, commercial and investment banks;
and agencies or branches of a foreign bank in the United States), but also investment
firms (listed as: Broker or dealer registered with the Securities and Exchange
Commission; broker or dealer in securities or commodities; and investment com-
pany), as well as insurance companies.17 Dealers in precious metals, stones, or jew-
els; travel agencies; casinos; telegraph companies; businesses engaged in vehicle
sales including automobile, airplane, and boat sales; persons involved in real estate
closings and settlements; and the Postal Service-all further lato sensu financial
operators, which are not explicitly considered by CRR, are also included in the
number under US federal law.18 The list is then completed by a broad safeguard
clause, which affirms that any business or agency engaging in any activity which the
US Secretary of the Treasury determines, by regulation, to be similar to, related to,
or substitute for any of those previously described, or whose cash transactions have
“a high degree of usefulness in criminal, tax, or regulatory matters” falls within the
definition of “financial institution”.19
In light of the above, it is apparent that the same financial operator, including
some key actors like banks or insurance companies, may be differently classified in
the EU and in the US, and therefore differently regulated, depending on which is the
applicable legal framework. This situation, that on one side certainly appears com-
patible with the principles of state sovereignty and national jurisdiction, results
however much less straightforward once considering that many, if not most, finan-
cial operators are today active in a global (and not just national) financial market,
and that most of financial transactions are nowadays dematerialized, so that identi-
fying a specific territorial legal competence is a task much more demanding than it
was in the past.
Against this difference of approaches in the EU and in the US, moreover,
currently it is not possible to find strictly-speaking legal criteria that clearly point to
which interpretation should prevail. The most authoritative attempt in this direction
has been provided for by the Financial Action Task Force (FATF), which, considering
15
Cf. Article 4(1)(1) and (3) CRR, not modified by CRR II.
16
Cf. Article 4(1)(5) and (27, lett. h-j) CRR.
17
31 U.S.C. § 5312(2), letters (A),(B),(D),(G),(H),(I),(M).
18
Idem, letters (N),(Q),(S),(T),(U),(V),(X).
19
Idem, letters (Y) and (Z).
the increasing globalized context where financial operators are performing and fol-
lowing a functional approach, linked the financial character of the institutions to the
pursuing of certain listed activities.20 According to the definition established in the
FATF International Standards on Combating Money Laundering and the Financing
of Terrorism & Proliferation, “financial institution” means any natural or legal per-
son who conducts as a business for, or on behalf of a customer, one or more services
including: Acceptance of deposits and other repayable funds from the public; lend-
ing; financial leasing; money or value transfer services; issuing and managing
means of payment (including electronic money); financial guarantees and commit-
ments; trading in money market instruments, foreign exchange, exchange, interest
rate and index instruments, transferable securities, and commodity futures trading;
participation in securities issues and the provision of related financial services; indi-
vidual and collective portfolio management; safekeeping and administration of cash
or liquid securities, or otherwise investing, administering or managing funds or
money on behalf of other persons; underwriting and placement of life insurance and
other investment related insurance, and money and currency changing.21
Thus, conversely to CRR, the FATF explicitly contemplates corporations such as
banks and insurance companies in the category of “financial institutions”. Its
Standards, however, as it will be further discussed, do not possess legal binding
force, and thus their value is limited to that of influential, but not directly enforce-
able guidelines.22
However, taking into account that the difference between “credit” and “finan-
cial” activities is in practice much more blurring than it appears on paper, adopting
the broader FAFT (and US) approach to “financial institution” appears preferable
for the purpose of this work.
This choice reflects the position, shared by the author, of those who acknowledge
the necessity, and the urgency of extending oversight mechanisms and investigative
techniques beyond the traditional boundaries of financial regulations, which was
originally developed for a less crowded panorama of economic operators with per-
haps a clearer allocation of tasks, and activities.
Indeed, both in the EU and in the US, regulations concerning financial operators
drastically changed over the last century, especially as far as the range of permitted
activities in relation to the level of risk-management pursued by national authorities
is concerned. Since public control in the field of financial transactions has always
been strictly connected to the pace of the financial markets, the weight and the
extent of financial legislation have frequently been modified to patching the national
or international systems after systemic or occasional crises.
In this sense, following the Great Depression of 1929–1930, in the US and in
most of Europe financial institutions, and especially credit institutions were strongly
incentivized to specialize in their services, to delimit their risk exposure in the finan-
cial market, and better safeguard depositors. With time, however, this specialization
20
The role played by the FATF will be illustrated in Sect. 3.2.
21
Cf. definition of “Financial Institutions” in FATF (2012), p. 117–118.
22
Cf. also Sect. 3.2.
greatly failed under a deregulation phenomenon that occurred in almost all Western
countries, and which substantially freed banks from the control of their supervisors
in relevant fields of their activities. Nowadays, under the model of “universal
bank”,23 credit institutions are generally allowed to trade in financial products,
whilst previously this activity was restricted to other financial operators, such as
securities firms and insurance companies.24
In the US, in particular, the prohibition of banks to engage in proprietary trading
was eliminated starting from the 1999 repeal of the Glass-Steagall Act.25 This
reform also allowed banks, securities firms and insurance companies to cooperate,
and exempted investment banks holding companies from direct federal regula-
tions.26 Such an opportunity led several financial groups to merge together creating
the so-called “Too-Big-To-Fail” (TBTF) financial institutions: Giant corporations
able to provide a whole package of financial services; the size, complexity, intercon-
nectedness, and critical functions of which are such that, should they disorderly fail,
the rest of the financial system and the economy would face severe adverse
consequences.27
In the EU, the official acknowledgment of the universal banking model was
reached in 1989 with the Second Banking Directive and its national transpositions,
which included trading in financial futures and options in the list of activities subject
23
This model reduced the relevance on distinguishing the type of activities exercised by banks,
which previously were the bases for identifying Commercial banks (which “is authorized to
receive both demand and time deposits, to make loans, to engage in trust services, to issue letter of
credit, to rent time-deposit boxes, and to provide similar services”) and Investment banks (“whose
primary purpose is to acquire financial businesses, esp. through the sale of securities” and “does
not accept deposits, and apart from selling securities, does not deal with the public at large”), cf.
Garner (2014), p. 173; Ferran (2012), p. 39 et seq; Bradley (2014), p. 286 et seq.
24
Although also before the lifting of the ban similar results were often achieved establishing finan-
cial groups composed by corporations of different nature and sector of activities.
25
Glas-Steagall Act of 1933, also known as the Banking Act, P.L. 73–66.
26
Gramm-Leach-Bliley Act of 1999, also known as the Financial Services Modernization Act, P.L.
106–102.
27
The term TBTF became popular since 1984, when it was used by a Connecticut Congressman,
Stewart B. McKinney, during a debate concerning the Federal Deposit Insurance Corporation’s
intervention to rescue the Continental Illinois Bank, and it does not imply, of course, the impossi-
bility for those entities to fail, as the Lehman Brothers example clearly showed. Currently, the
TBTF problem, that includes also a substantial inability to prosecute, is monitored by the Financial
Stability Board (FSB) that explicitly deals with Systemically Important Financial Institutions
(SIFIs), cf. FSB (2017). The same institution has also released a list of the SIFIs or TBTF banks,
recently updated, which includes 30 institutions such as (in descending order): JP Morgan Chase,
Bank of America, Citigroup, Deutsche Bank, HSBC, Bank of China, Barclays, BNP Paribas […]
Goldman Sachs […] Morgan Stanley […], Royal Bank of Scotland, Santander, Société Générale
[…], Unicredit Group. The critical issues related to those huge banking groups are taken into
account also at EU level, see, e.g., European Commission, European Financial Stability and
Integration Report 2012, 24.04.2013, SWD(2013) 156 final, p. 56 et seq. http://ec.europa.eu/inter-
nal_market/economic_analysis/docs/efsir/130425_efsir-2012_en.pdf. Accessed 17 July 2018. Cf.
Black (2010), p. 6. Reporting how this concept could be set aside in light of the Holder banking
investigation’s policy, Vervaele (2017), p. 167; contra Rakoff (2014).
to mutual recognition that banks may exercise within the whole territory of the
Union.28
Unfortunately, a link between this trend and the burst of the last financial crisis
appears far from been casual. Indeed, as pointed out by several studies, over the past
20 years the more typical case of banking crises “has been one in which banks in
various countries have faced capital requirements set too low based upon the overall
riskiness of their activities”. Policy towards financial liberalization—blindly carried
out in an environment in which banks are inadequately capitalized and bank regula-
tion and supervision are weak—has been meaningfully defined as “a recipe for
disaster”.29
This de-regulation trend persisted during the last century until, starting from
2009 to 2010, some changes appeared under the repercussions of the last financial
crisis. In the aftermath of the economic collapse, indeed, several were the authors
who pointed out how the phrase the “privatisation of gains and the socialisation of
losses” has come to epitomise the crisis, also due to the model of universal banking
and Too-Big-Too-Fail credit institutions.30 The financial crisis indeed revealed all
the limits of a banking system in which credit institutions are «global in life, but
national in death».31 In the US, the most tangible sign in this sense is expressed by
the Congress’ approval of the Dodd-Frank Act, and especially by the so-called
Volcker Rule, which re-established some restraints on the possibility for banks and
other large financial institutions to engage in proprietary trading and investments in
hedge funds, although without seriously affecting the endurance of the system of
universal banking.32
This profile was specifically tackled in the European Union by the Liikanen
Group, promoted by the European Commission to study the reforms necessary to
the banking system. In 2012, a report from the Group clearly asserted the urgency
to revise the paradigm of universal bank, to reduce the exercise of high-risk opera-
tions undertaken by banks active in the deposit services. In this sense, the Group
28
Cf. Annex, 7(c), Second Council Directive 89/646/EEC. In Italy, for instance, the removal of the
separation of activities (realized with R.D.L. 12.03.1936, no 375 “legge bancaria”), begun with the
law, 30.07.1990, no 218 (“legge Amato”) and was completed with the issuing of the new banking
code in 1993 (d.lgs. 1.09.1993, no 385, “Testo Unico delle leggi in materia bancaria e
creditizia–T.U.B.”). Recently, the Parliamentary Committee on banking investigations issued a
final report in which several proposals concerning also the banking system have been included,
among which the recommendation to pursue a separation of investment and commercial banks at
the European level, cf. Senato della Repubblica, Legislatura 17a, Commissione parlamentare di
inchiesta sul sistema bancario e finanziario, Resoconto sommario n. 47, 30 January 2018, at 9.5,
no. 21, http://www.parlamento.it/japp/bgt/showdoc/frame.jsp?tipodoc=SommComm&leg=17&id
=01064008&part=doc_dC-sedetit_a1&parse=no#_Toc505072310. Accessed 18 July 2018.
29
Cf., e.g., Barth et al. (2004), pp. 43–45.
30
Black (2010), p. 3 et seq.
31
King (2009), p. 36; Black (2010), p. 33 et seq.; Bradley (2014), p. 280.
32
Cf. “Volcker Rule,” Section 619 of the Dodd–Frank Wall Street Reform and Consumer Protection
Act, P.L. 111–203, H.R. 4173, better known as Dodd–Frank Act, effective from July 21, 2010. For
some critical considerations on the external jurisdiction contained in this rule, and in the Dodd-
Frank Act, see Vervaele (2017), pp. 185–187.
concluded that “it is necessary to require legal separation of certain particularly

risky financial activities from deposit-taking banks within the banking group. The
activities to be separated would include proprietary trading of securities and deriva-
tives, and certain other activities closely linked with securities and derivatives mar-
kets […] The central objectives of the separation are to make banking groups,
especially their socially most vital parts (mainly deposit-taking and providing finan-
cial services to the non-financial sectors in the economy) safer and less connected
to trading activities; and, to limit the implicit or explicit stake taxpayer has in the
trading parts of banking groups. […] Separation of these activities into separate
legal entities is the most direct way of tackling banks’ complexity and
interconnectedness”.33
This notwithstanding, as in the US, the model of universal banking was not really
deserted in the EU either, where the reforms rather focused on the creation of a
centralized supervisory model under the launch of the Banking Union.34
Another reason to adopt a broader notion of “financial institution” is that it seems
to better account for the considerable number of “unconventional” subjects which
have entered the financial market–subjects that are often able to offer lower prices
and higher velocity in transactions compared to “traditional” financial operators,
thanks to alternative payment channels.
Indeed, while financial institutions (in its broader, but traditional meaning) and
above all banks, are bound by legal obligations, and exposed to investigative powers
derived from various sources of administrative and criminal law, many are the enti-
ties that in practice perform financial operations which are let slip from a public
oversight proportionate to their increasing weight in the day-by-day management of
financial transactions.
This is the case, for instance, of e-currency providers and crowdfunding plat-
forms, that provide some credit services without being proper credit institutions,35
or informal money-transfer systems deriving from specific geographic regions or
ethnic communities, which mostly spread worldwide through migration flows.
Among the latter, the most notorious certainly is the Hawala, a network extensively
operating since many centuries in South Asia, and now particularly common in the
Middle East and in Africa. In the Hawala model, service providers operate at a
transnational level through non-bank settlement methods founded on mutual trust,
such as: Physically moving currency or precious metals or stones; importing or
exporting of goods; settlement of pre-existing debts; and paying or receiving money
from third party accounts.36
33
Cf. Liikanen (2012)(chaired by), p. 100 et seq.
34
The impact of the Banking Union is further analysed in Chap. 4, especially Sects. 4.1 and 4.3.
35
A proposal to regulate equity crowdfunding was issued by the Commission, cf. Proposal for a
Regulation of The European Parliament and of The Council on European Crowdfunding Service
Providers (ECSP) for Business, Brussels, 8.3.2018 COM(2018) 113 final, see e.g., p. 10.
36
The Hawala (transfer, in Arabic, from which also derives the Italian word avallo) is believed to
have developed with the need of financing long-distance trades, especially among Italian cities and
the Muslim world, in the early medieval period, introducing the concept of transfer of debt, other-
Of course, opting for Hawala and Other Similar Service Providers (HOSSPs),37
as well as for other “alternative” financial operators, such as bit-coin payment
system platforms,38 represents an absolutely legitimate choice in light of fundamen-
tal principles, such as the freedom to conduct a business, and the protection of pri-
vacy, recognised in most domestic legal orders as well as by the Charter of
Fundamental Rights of the European Union (CFREU),39 the European Convention
on Human Rights (ECHR),40 and the American Convention on Human Rights
(ACHR).41 Likewise, the need of expatriate workers to transfer personal remittances
to their countries of origin provides a perfectly legitimate explanation for the cre-
ation of financial systems within ethnical communities in different countries.
Hawala may even be considered essential, to support the financial development of
areas in which access to “traditional” banking services is limited, or boast little
confidence for geographical, cultural and historical reasons.
These “alternative” financial systems, however, are characterized by particularly
relevant features: A pronounced fragmentation of providers; the use of form of pay-
ments (such as cash or value) that usually leave few or no paper (or rather digital)
trail42; and a general absence of public supervision.43 As a consequence, operators,
wise not allowed under Roman law. Even if hawala is not a universal term, there is a universal
recognition of the existence of hawala or hawala-like providers across jurisdictions, characterized
by similar and unique mechanisms; see Badr (1978). For a comparative analysis on the impact of
HOSSPs, see also FATF (2013).
37
“HOSSPs, for the purpose of the typology, are defined as money transmitters, particularly with
ties to specific geographic regions or ethnic communities, which arrange for transfer and receipt of
funds or equivalent value and settle through trade, cash, and net settlement over a long period of
time”, see FATF (2013), p. 9.
38
For an overview on the bit-coins, see, e.g., EBA (2014); Bryans (2014), p. 441 et seq.; Christopher
(2014), p. 1 et seq.; Marian (2015), p. 53 et seq.; Ajello (2015), pp. 435–461; Malone (2014); Brito
et al. (2015); Tapscott and Tapscott (2017); Zou (2014); Stokes (2012); Pflaum and Hateley (2014);
Kleiman (2013); Gruber (2013).
39
Cf. Articles 16 and 7, Charter of Fundamental Rights of The European Union (CFREU), OJ C
326, 26.10.2012, pp. 391–407.
40
Cf. Article 8 Convention for the Protection of Human Rights and Fundamental Freedoms (better
known as European Convention on Human Rights-ECHR), CETS 005, Roma, 04.11.1950, and
Article 1, Protocol to the Convention for the Protection of Human Rights and Fundamental
Freedoms, CETS 009, Paris, 20.03.1952.
41
Cf. Articles 21 and 11, American Convention on Human Rights, adopted at the Inter-American
Specialized Conference on Human Rights, San José, Costa Rica, 22.11.1969, and entered into
force in 18.07.1978 (signed but never ratified by the US).
42
Analysing the digital dimension of banking data in real-time monitoring Sect. 8.1.
43
Notwithstanding the international support for the development and financing of supervisory
practices, cf. Special Recommendation VI and its interpretative note, in FATF (2001).
The Recommendation has been transposed at EU level by Directive 2007/64/EC of 13.11.2007
on payment services in the internal market amending Directives 97/7/EC, 2002/65/EC, 2005/60/
EC and 2006/48/EC and repealing Directive 97/5/EC, under the Commission initiative, see
Communication from the Commission to the Council and the European Parliament on the
Prevention of and the Fight against Terrorist Financing through measures to improve the exchange
of information, to strengthen transparency and enhance the traceability of financial transactions,
Brussels, 20.10.2004 COM(2004) 700 final, p. 7.
customers, and transactions performed through these channels are not easily identi-
fiable. Unsurprisingly then, “alternative” financial operators may also result very
attractive means for realizing low-risk illicit transactions, sometimes involving seri-
ous crimes such as transnational tax fraud, money laundering, and terrorist
financing.44
Facing the extreme difficulties in establishing an effective form of oversight (if
any) above HOSSPs, some countries opted for an explicit prohibition of such
systems; a choice which though revealed itself to be of little or any success in reduc-
ing their use in daily transactions, as it is unpractical to enforce a ban when a target
is virtually undetectable.45 Also countries where HOSSPs are formally legal,
however, have a particularly hard time in officially identifying, licensing or regulat-
ing these systems, not last due to the difficulties in gathering substantive data over
these phenomena. In the US, forms of alternative remittance are under the combined
supervision of several federal agencies: The Financial Crimes Enforcement Network
(FinCEN), the Homeland Security Investigations (HSI) and the FBI.46 In the EU, the
oversight on HOSSPs relies mainly at the national level, in the coordination among
Financial Intelligence Units,47 and in the occasional establishment of Joint
Investigative Teams.48
The intrinsic transnational dimension of HOSSPs and e-commerce, as well as
their virtual and instantaneous character however, often require a level of coopera-
tion among competent authorities which is still far from being achieved due to lack
of political will, training, or resources—circumstances that frequently make already
44
On the possible use of HOSSPs for illicit purposes, see e.g. FATF (2013), p. 27 et seq.; FATF
(2015, 2017); European Parliament (2011), p. 42; Roth et al. (2004), p. 68.
45
Such as in India, or Pakistan. “Among the 33 surveyed countries, 18 countries treat hawala and
other similar service providers as illegal while 15 countries consider them legal if registered or
licensed. Interestingly, most developed countries allow licensing or registration of HOSSPs, while
developing countries do not. Within the developed countries respondents, only six out of 17 coun-
tries define hawala and other similar service providers as “illegal” and the remaining eleven have
legalised hawala and other similar activity if service providers are either registered or licensed. On
the other hand, 12 out of 16 developing countries respondents define hawala and other similar
activity as “illegal” and only 4 countries allow them to operate legally if licensed or registered (See
Table 3.1). One of the reasons put forward by developing countries”, cf. FATF (2013), p. 45; see
also pp. 11–25: “In the first decade after 9/11, the globe has been largely ineffective in supervising
HOSSPs […] the scale of unregulated hawalas is unknown and is impossible to generalize. Most
countries have difficulties reaching credible estimates of the size of unregulated hawala and other
similar service providers”.
46
HSI, Hawalas, in The Cornerstone Report, Volume VII, 2, Summer 2010, pp. 1–2. https://www.
ice.gov/doclib/news/library/reports/cornerstone/cornerstone7-2.pdf. Accessed 18 July 2018.
47
The FinCEN represents the US Financial Intelligence Unit; cf. Sect. 3.3.
48
Also the approval of the EU Directive on Payment Services (PSD) represents an important step
towards a comprehensive registration of the transmitters, taking into account the risk-profile of the
providers, cf. Directive (EU) 2015/2366 of 25.11.2015 on payment services in the internal market,
amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No
1093/2010, and repealing Directive 2007/64/EC.
critical for most legal orders to realize effective supervision over “traditional” finan-
cial transactions and institutions.49
For this reason, and also considering the heterogeneity characterizing the cate-
gory of “alternative” financial operators (if even it would be possible to gather them
all under a single label), this work focuses mainly on “traditional” financial institu-
tions. Among those, banks will be especially taken into account, as the most rele-
vant developments regarding criminal investigations in the financial matter of the
last few years—namely the establishment of transnational investigative and
sanctioning powers,50 and the surveillance on banking (and personal) records51—
had precisely seen credit institutions as their main targets.
Keeping in mind the existence and the impact of “alternative” financial institu-
tions, however, remains necessary to provide the essential perspective that no analysis
on banking investigations should ever forget: As much as establishing effective
rules and procedures applicable to “traditional” financial institutions already appears
a goal difficult to achieve, that represents just a small step in the fight against finan-
cial (or other forms of) crimes; a step which still leaves a huge bulk of the iceberg
to be dealt with.
2.2 Criminal Liability of Legal Persons: A Brief Overview
Although not representing the main subject of this work, dealing with financial
institutions in criminal investigations also requires to briefly take into account the
debate over the possibility for a collective entity to be held responsible for criminal
offences.52
In the US, this option was introduced at the beginning of the last century, through
the Supreme Court decision New York Central & Hudson River Railroad Co. v.
United States, which extended the tort doctrine of respondeat superior to criminal
cases.53 Since then, and regardless of several and often severe critics,54 criminal
liability of legal persons or organizations, mainly corporations, has become an
established feature in the US judicial system.55
49
Cf. FATF (2013), p. 68.
50
Descripting these powers Chap. 4 (analysed in light of fair trial rights, cf. Chap. 6).
51
Analysed in Chaps. 7 (state of play) and 8 (proposals for a possible way forward).
52
Presenting though critical profiles originated by the need to adapt rules of criminal procedure to
legal persons as defendants, such as: the identification of the liable subjects within the legal person;
the nature of legal corporate liability; the value of corporate compliance programmes; and the
potential conflicts in terms of defence rights between the physical members of the legal entity and
the entity itself. See Beale (2014), pp. 27–54; Lupária (2010), p. 801; Cerqua et al. (2014); Zagaris
(2017), pp. 19–56; Cappel (2017), pp. 57–78; Renzetti (2017).
53
212 U.S. 481 (1909).
54
See Khanna (1996), Moore (2010), Coffee (1981), Robinson (2003) and Hamdami and Klement
(2008).
55
Also in the Model Penal Code adopted by some States, in fact, the principle of corporation’s
2.2 Criminal Liability of Legal Persons: A Brief Overview 21
The theoretical possibility to enforce such a liability, however, does not mean per
se that in practice criminal convictions for corporations are frequently pursued.
Indeed, the decision to charge a corporation is particularly delicate, especially when
considering the consequences that sanctions might have on shareholders and
employees. In the US, this awareness—substantially increased after the notorious
Arthur Anderson LLP case in the wake of Enron’s collapse just a few years before
the breaking out of the last financial crisis56—led to a drastic slowdown in targeting
corporations and to a shift towards the liability first of senior corporate executives
and then of even lower-level employees instead.57
This phenomenon however, did not cause organizations criminal liability to be
evicted from the American legal system, but merely operated a swing in the goals
pursued through it. Rather than a direct incriminating mechanism, presently corpo-
rate criminal liability remains appreciated in the US as a valuable prosecutorial tool
apt to force a corporation to adopt internal measures, and opt for form of pre-trial
resolution, such as deferred prosecution or non-prosecution agreements.58
In Europe, the situation over criminal responsibility for legal persons looks more
fragmented.59 While the EU has strongly promoted the implementation of forms of
liability towards organizations committing or facilitating the commission of
crimes,60 it also left—as typical in the Area of Freedom, Security and Justice—full
criminal liability is not denied, even if the burden of proof is significantly higher for the
Government, cf., e.g., Section 2.07(1); see also Strader (2011), p. 20 et seq.
56
United States v Arthur Andersen, LLP, 374 F.3d 281, 284 (6th Cir. 2004), rev’d, 125 S. Ct. 2129
(2005). According to the Sentencing Commission’s yearly reports of corporate convictions, from
2007 to 2012 fewer than 200 corporations were convicted per year in the federal courts, see, e.g.,
U.S. Sentencing Commission (2016), Organisational Sentencing Practice-Table 51, reported also
(in its 2012 version) by Beale (2014), p. 22.
For opposite comment to the impact of such a practice related to the financial crisis, see Rakoff
(2014) and Uhlmann (2013).
57
Who nowadays are reported to be increasingly charged and convicted, see Brickey (2006), p. 15,
according to whom “The corporate fraud prosecution cycle following Enron’s collapse has pro-
duced an unparalleled number of criminal trials of senior corporate executives in just three years.
While guilty pleas and cooperation agreements are strategically significant in developing these
cases, the number of CEOs, CFOs, and other senior managers who have been charged and tried
belies critics’ assertions that mid- level managers who plead guilty become scapegoats, while their
superiors go scot free”. Giving reason of the shifting towards lower-level employees Rakoff (2014)
and Garrett (2014).
58
That was the case for instance of relevant financial institutions, such as Merrill Lynch & Co, and
Monsanto, see Beale (2014), p. 24, citing Garrett (2007). On Deferred Prosecution Agreements
see, e.g., Cunningham (2014), Kaal and Lacine (2014) and Ruggiero (2015). On the extent of
prosecutorial powers with regard to compliance programs, see Zagaris (2017), p. 57 et seq.
59
Beale and Safwat (2004), pp. 97–98.
60
Cf. Articles 5–6, Directive 2011/36/EU of 5.04.2011 on preventing and combating trafficking in
human beings and protecting its victims; Article 12, Directive 2011/92/EU of 13.12.2011 on the
assessment of the effects of certain public and private projects on the environment; Recital (18) and
Article 8, Market Abuse Directive; Article 30, lett. j), Market Abuse Regulation; Article 6, Directive
2014/62/EU of 15.05.2014 on the protection of the euro and other currencies against counterfeiting
by criminal law; Article 17, Directive (EU) 2017/541 of 15.03.2017 on combating terrorism;
discretion to the Member States in choosing the actual nature of such responsibility
as long as the sanctions imposed are “effective, proportionate and dissuasive”.61
As a result, similarly to the US, also in the EU legal entities may be held respon-
sible for their involvement in criminal activities, facing however rather different
consequences according to the applicable regulation enforced at the national level:
Following the Union’s commitment, most Member States opted for models of
criminal liability62; a consistent group of countries, though, went for alternative
forms of responsibility, namely administrative (i.e. DE and EL), or for hybrid mod-
els combining some features of both paradigms (e.g. IT).63 This discretion gave rise
to an inhomogeneous legal framework, inasmuch critical as the context in which
most corporations—and particularly financial ones—are nowadays operating takes
place on a European, if not global, level.
Within these frameworks, banks may be the direct target of criminal investiga-
tions for a wide range of crimes, for instance pertaining to accounting frauds, the
deception of conflicts of interest or other irregularities at the expenses of their own
customers, and of the general safety and soundness of the market.
Clear examples of these conducts directly come from the last financial crisis,
where undisclosed conflicts of interest have been decisive both in producing a false
impression of safety for most of the too-late-discovered junk securities, and in exac-
erbating the already tragic consequences suffered by a vast majority of investors.64
As reported by the US Senate Permanent Subcommittee on Investigations in 2011
“the crisis was not a natural disaster, but the result of high risk, complex financial
products; undisclosed conflicts of interest; and the failure of regulators, the credit
rating agencies, and the market itself to rein in the excesses of Wall Street”.65
Notable cases in this sense may be found in the violations of disclosure duties
required by securities law perpetrated by Goldman Sachs in the years 2006–2007
when, after having built a strong proprietary position in the mortgage market, the
bank started to bet against it, in some cases taking positions “that paid off only when
some of its clients lost money on the very securities that Goldman Sachs had sold to
them and then shorted. Altogether in 2007, Goldman’s mortgage department made
Article 6 PIF Directive; Articles 7–8, Directive (EU) 2018/1673 of 23.10.2018 on combating
money laundering by criminal law.
61
This expression is typically repeated in most legislative acts of the Union when it comes to
impose sanctions (independently from the administrative or criminal nature) since the notorious
Greek Maize case (Commission of the European Communities v Hellenic Republic, Case 68/88,
21.09.1989, ECLI:EU:C:1989:339, § 24), cf., e.g., European Commission, Towards an EU
Criminal Policy: Ensuring the effective implementation of EU policies through criminal law,
Brussels, 20.9.2011 COM(2011) 573 final, p. 9; and the current version of Article 325 TFEU.
62
Cf. Mongillo (2012), pp. 75–95; Clifford Chance (2012).
63
Also AT, BG, SE, SK and PL opted for a hybrid system, cf. Mongillo (2012), p. 85.
64
The influence of conflicts of interests under the profile of independence required to banking
supervisors by the Basel Core Principles is analysed below in Sect. 6.1.1 (for the Basel Core
Principles, see Sect. 3.5).
65
U.S. Senate Permanent Subcommittee on Investigations (2011), p. 1; Padoa Schioppa (2009);
Caprio and Klingebiel (2003).
2.3 The Interaction Between Administrative and Criminal Matter 23
$1.1 billion in net revenues from shorting the mortgage market”.66 Subject to several
civil suits, in 2016 Goldman Sachs eventually agreed to settle the claims with a fine
of about $ 5 billion, accompanied by the admission of having provided incomplete
information to the investors in the portfolio selection process as far as their eco-
nomic adverse interest to the bank was concerned.67
Similar conducts, of course, are not restricted to overseas actors. In the EU, for
instance, hidden conflicts of interest and illicit cartels among banking and financial
institutions brought to the so-called “Libor/Euribor scandal”, involving several
major banking groups such as Deutsche Bank, JP Morgan, Citicorp, Barclays, Royal
Bank of Scotland, Bank of America, UBS, HSBC, ICAP, Société Générale. What
came to light in 2012 was that the panels determining both indexes68—that have a
great influence on consumers, since they represent the daily reference rates for
mortgages, consumer lending products, futures, options, swaps and other derivative
financial instruments—had been deliberately manipulated since almost 15 years, for
the benefit of some banks and securities traders which requested fixed figures to
take advantage of, and consequently faced several civil, administrative and criminal
proceedings both in the US and in the EU.69
Due to the relevant interests involved, especially when consistent bulks of private
investors become victims of hazardous speculative financial operations, cases like
those described above easily arise public attention on legal profiles (already exten-
sively debated at the academic level) such as the boundaries of corporate criminal
liability and the extent of the imposable sanctions.
The following analysis, on the other side, deals with an aspect of corporate crimi-
nal liability which has not so far received a comparable public attention, albeit hold-
ing a prominent role in shaping the development of new powers and safeguards in
criminal proceedings: The interaction between administrative and criminal matter.
66
Id., p. 36.
67
Cf. Goldstein (2016) and Free (2012).
68
The London Interbank Offered Rate (Libor) consists of “a daily compilation by the British
Bankers Association of the rates that major international banks charge each other for large-volume,
shorT-term loans of Eurodollars, with monthly maturity rates calculated out to one year. These
daily rates are used as the underlying interest rates for derivative contracts in currencies other than
the euro”; while the Euro Interbank Offered Rate (Euribor) is “a measure of what major interna-
tional banks charge each other for large-volume, shorT-term loans of euros, based on interesT-rate
data provided daily by a panel of representative banks across Europe” cf. Garner (2014), respec-
tively p. 1085 and p. 671.
69
Cf. European Commission, Antitrust: Commission fines banks € 1.49 billion for participating in
cartels in the interest rate derivatives industry, Brussels, 4.12.2013, http://europa.eu/rapid/press-
release_IP-13-1208_en.htm#footnote-1. Accessed 18 July 2018. Citicorp, JPMorgan Chase & Co.,
Barclays PLC, The Royal Bank of Scotland PLC, and UBS AG agreed to plead guilty to felony
charges to the US Department of Justice, cf. DOJ, Five Major Banks Agree to ParenT-Level Guilty
Pleas, 20.05.2015. https://www.justice.gov/opa/pr/five-major-banks-agree-parenT-level-guilty-
pleas. Accessed 18 July 2018. For an analysis of the Fortis Bank case, see Vervaele (2014), p. 61
et seq., and more recently also on Libor/Euribor and BNP Paribas (the latter concerning however
an embargo violation), Vervaele (2017), pp. 10–174. For an analysis of the changes in bank corpo-
rate governance after the financial crisis, see Hopt (2012), p. 343 et seq.
2.3 T
he Interaction Between Administrative and Criminal
Matter
The increasingly strict connection between administrative and criminal matters is a

phenomenon that today cuts across several fields of criminal law, but whose impact
in financial and banking investigations has in the last few years become nothing less
than essential.70
The conclusion that these two legal fields should not be studied only as separated
systems has long been affirmed by scholars, even though often without receiving an
adequate acknowledgement till very recent times.71 Adopting a comprehensive
approach, in any case, becomes imperative in the analysis of procedural paradigms
in which multi-disciplinary cooperation, both at the internal and at the transnational
level, plays a relevant role.
That certainly is the case of financial and banking investigations, where a com-
plete picture of the investigative powers, and subsequent procedural safeguards,
shall not only take into account the critical issues arising from special investigative
techniques applicable in criminal proceedings (such as production orders, or real-
time monitoring of banking records72), but also, and increasingly, the supervisory
powers which banks are subject to at the administrative level.73
Interaction between criminal and administrative matter usually arises because a
single conduct may be relevant under both forms of liability.74 Critical profiles thus
emerge first with regard to the possibility of exchange information among different
proceedings, as the guarantees recognized to the subject(s) involved may notably
vary according to the procedure (administrative or criminal) that applies in (or is
chosen for) the concrete case.75 Moreover, this procedural overlapping, which may
end up also in a substantive duplication of sanctions, often appears problematic in
light of the prohibition of double jeopardy, or bis in idem (as usually referred to,
respectively, in the US and in Europe).76
70
Singh (2015), p. 458, that underlines how “The growth in the use of administrative sanctions is
nevertheless based on a systematic process of decriminalising regulatory offences, which has cur-
tailed the use of criminal sanctions for all but the most serious offences. It is only in more recent
times, in the aftermath of the global financial crisis, that we have seen a re-emergence of criminal
sanctions to complement other enforcement sanctions”.
71
The necessity of this comprehensive approach has been recognized already in the 1980s, see,
e.g., Paliero (1980), p. 1254 et seq.; on the persistent difficulty to affirm this approach, see Vervaele
(2017), p. 168.
72
For a classification of the main banking investigative measures, cf. Chap. 7, Sects. 7.2 to 7.4.
73
Cf. Chap. 4, Sects. 4.4.1 to 4.4.3 for the Eurozone, and Chap. 5 for the US legal system.
74
On the increasingly blurring difference between administrative and criminal law see, e.g.,
Franssen and Ligeti (2017), pp. 10–11.
75
Cf. below, Sect. 2.3.4; for the US and the EU analysis, Chap. 6 (respectively, Sects. 6.1.2 and
6.1.3).
76
Cf. below, Sects. 2.3.1, 2.3.2 and 2.3.3.
These issues, in particular, have become a major concern in the EU, where a
consolidated jurisprudence of the Court in Strasbourg (ECtHR) clearly adopted a
substantial approach to autonomously identify the notion of “criminal” or “puni-
tive” matter, since its 1976 landmark decision Engel and others v. The Netherlands,
which famously established three criteria.77
The first Engel criterion concerns the classification of the provision in question
under national law. In the interpretation of the Court, however, this parameter is
relevant only if national regulations classify the provision under criminal law; this
not being the case, the determination of the substantive nature must rely only on the
two other criteria.78
According to the second Engel criterion, la matière pénale shall be defined con-
sidering the nature of the offence. This feature, as interpreted by the ECtHR follow-
ing case-law looking in a comparative perspective to the practices followed by the
Contracting States, shall be assessed determining: Whether the legal rule in ques-
tion is directed solely at a specific group or has a generally binding character79;
whether it has a punitive or deterrent purpose80; and whether the imposition of any
penalty is dependent upon a finding of guilt.81
The first sub-criterion, the identification of potential targets has been mainly
developed by the Court to try at distinguishing criminal from disciplinary proceed-
ings, which are “generally designed to ensure that the members of particular groups
comply with the specific rules governing their conduct”.82 Often, however, this
parameter appears inconclusive, as numerous are the cases in which offences have
a “mixed character” (disciplinary and criminal),83 or where a criminal law provision
can apply only to certain subjects (minors, civil servants, banks…).84 On the other
side, the sub-criterion concerning the purpose of the sanction is frequently applied
to distinguish criminal from compensatory sanctions; this might happen, for
77
Engel and o. v the Netherlands, 8.06.1976, Application no. 5100/71; 5101/71; 5102/71; 5354/72;
5370/72. Among the extensive body of literature that examined the implications of the Engel case-
law in general terms see, e.g., Van Dijk (2006), pp. 543–554; Trechsel (2005), p. 13 et seq.; Harris
et al. (2014), p. 373 et seq.; Ubertis (2009), p. 25 et seq.; Mazzacuva (2013), p. 1899 et seq.; Manes
(2012), p. 258 et seq.; Lupária (2017), p. 940; Weyemberg and Galli (2014).
78
See, e.g., Campbell and Fell v the United Kingdom, 28.06.1984, Application nos. 7819/77;
7878/77, § 72; Demicoli v Malta, 27.08.1991, Application no. 13057/87, § 34. See also Van Dijk
(2006), pp. 543–544; Trechsel (2005), p. 18; Harris et al. (2014), pp. 373–376.
79
Cf., e.g., Bendenoun v France, 24.02.1994, Application no. 12547/86, § 47. See Trechsel (2005),
p. 30, according to which this criteria should be the “essential one”.
80
Cf. e.g. Öztürk v Germany, 21.02.1984, Application no. 8544/79 § 53; Bendenoun v France § 47.
81
Cf., e.g., Benham v the United Kingdom, 10.06.1996, Application no. 19380/92, § 56; A.P., M.P.
et T.P. v Switzerland, 29.08.1997, 71/1996/690/882, § 42. Cf. also Trechsel (2005), pp. 19–21, and
in particular p. 19, underlining the ambiguity in jurisprudence of the Court, that in Benham refers
to the nature of the proceedings, rather than of the offence.
82
Weber v Switzerland, 22.05.1990, Application no. 11034/84 § 33, see also Demicoli v Malta§ 33.
83
Cf. Trechsel (2005), p. 21, according to whom “these two types of sanctions should be deter-
mined in different sets of proceedings. At any rate, if there is only one set of proceedings, it must
be criminal”, and p. 27, recognizing the “weakness” of this criterion.
84
Cf. Van Dijk (2006), p. 544.
instance, in tax law, where “purely” tax penalties are usually considered administra-
tive, while surcharges may be recognized a punitive character.85
The third Engel criterion concerns the nature and degree of severity of the
penalty,86 to be evaluated on the basis of the sanction potentially applicable to the
subject, rather than on what is practically inflicted.87 Restrictions of personal
freedom have been usually considered by the Court as a clear sign of substantive
criminal nature; however, the fact that an offence is not punishable by imprisonment
is not decisive in itself to prevent a similar conclusion too.88
In particular, the ECtHR has repeatedly classified under the label of criminal
matter several proceedings in which the penalties imposed were mostly pecuniary,
such as those relating to tax surcharges,89 customs law,90 or pertaining to certain
national administrative independent authorities with powers in the spheres of eco-
nomics, financial or competition law.91 This criterion, however, implies a certain
margin of appreciation in its application, as the Court has not established clear
thresholds above which a penalty may be considered severe enough as to integrate
a criminal nature.92
According to the ECtHR case-law, the second and third Engel criteria may be
applied alternatively, so that it is not necessary to ascertain both the real nature of
the offence, and the severity of the penalty to recognize the substantive criminal
character.93
85
Cf. e.g., Bendenoun v France, § 47; J.J. v The Netherlands, 27.03.1998, 9/1997/793/994, § 37;
E.L., R.L. and J.O.–L. v Switzerland, 29.08.1997, 75/1996/694/886, § 46; J.B. v Switzerland,
3.05.2001, Application no. 31827/96, § 47–49.
86
Engel, §§ 82–83. Cf. also Van Dijk (2006), pp. 548–554; Trechsel (2005), pp. 23–27.
87
Campbell and Fell v the United Kingdom, § 38; on the issue, see also Trechsel (2005), p. 26.
88
Öztürk v Germany, § 53; Nicoleta Gheorghe v Romania, 3.04.2012, Application no. 23470/05, §
26; Garyfallou Aebe v. Greece, 24.09.1997, 93/1996/712/909, § 34. However, not all imprisonment
sanctions are per se implying a criminal nature, cf. Van Dijk (2006), p. 550 and case-law there
mentioned.
89
“On the basis of the following elements: (1) the law setting out the penalties covered all citizens
in their capacity as taxpayers; (2) the surcharge was not intended as pecuniary compensation for
damage but essentially as a punishment to deter reoffending; (3) it was imposed under a general
rule with both a deterrent and a punitive Purpose; (4) the surcharge was substantial”, cf. Jussila v.
Finland, 23.11.2006, Application no. 73053/01, § 32.
90
Salabiaku v France, 7.10.1988, Application no. 10519/83.
91
Cf. Lilly France S.A. v France, 14.10.2003, Application no. 53892/00; Dubus S.A. v France,
11.06.2009, Application no. 5242/04; A. Menarini Diagnostics S.r.l. v Italy; 27.09.2011,
Application no. 43509/08; Grande Stevens and others v Italy, 4.03.2014, Application no. 18640/10;
Nodet v France, 6.06.2019, Application no. 4732/14, see De Amicis (2014), p. 201; Viganò (2014),
p. 219.
92
Cf. Van Dijk (2006), pp. 551–552; Trechsel (2005), pp. 23–24, contra—considering that having
a fixed threshold is not practicable—Gravenwarter (1997), p. 97 et seq.
93
Cf. e.g. Öztürk v Germany, § 54; Lutz v Germany, 25.08.1987, Application no. 9912/82, § 55;
Ravnsborg v Sweden, Application no. 14220/88, 23.03.1994, §§ 30 and 35; Garyfallou, § 33
although the Court has not always been consistent in this respect, cf. Trechsel (2005), pp. 27–28.
As renown, the declaration by the Court in Strasbourg that a certain provision

belongs to the matière a coloration pénale has relevant practical effects, first of all
the scrutiny over the legitimacy of the whole proceeding according to the “fair trial”
parameters provided for by Article 6 of the European Convention on Human Rights
(ECHR).
Unsurprisingly therefore, the Engel case-law brought major implications for
national legal systems. Indeed, deciding whether to incriminate or not certain con-
ducts is a delicate policy decision, and the criminal matter, regardless of the formal
competence of the Union, is an area still largely regulated by national laws, which
greatly differ one from the other.
The jurisprudence of the ECtHR thus represents a direct challenge to the possi-
bility for national legal labels to hold valid within and outside national borders; a
stand to which a globalized context, characterized by intense transnational coopera-
tion and free movement of persons, goods, capitals and services, had already caused
much distress. This effect results even more pronounced due to the fact that the
Engel jurisprudence now finds a certain application also at the EU level.
Indeed, the Court of Justice (CJEU) has—at least to some extent—embraced the
ECtHR substantial approach to the criminal matter since its 1999 decision Hüls AG
v Commission. In that case, recalling Öztürk, the Court recognized the need to guar-
antee the core rights of fair trial in criminal matter (and particularly the presumption
of innocence) to procedures assessing infringements of competition rules which
may result in the application of fines or periodic penalty payments characterized by
a certain “nature and degree of severity”.94
The CJEU repeatedly confirmed this case-law in the field of competition law,95
both with specific regard to the presumption of innocence,96 and to other typical
criminal law principles such as the nonretroactivity of penalties, which “requires
that the penalties imposed correspond with those fixed at the time when the infringe-
ment was committed” and, according to the Court, must be observed also when
fines “are imposed for infringement of the competition rules”.97
The CJEU, however, has so far never recognized a substantial criminal nature to
competition fines. The arguments at the basis of this interpretation rely mainly on
94
Hüls AG v Commission of the European Communities, Case C-199/92, 8.07.1999,
ECLI:EU:C:1999:358, § 150; see, e.g., Lupária (2017), p. 940 et seq. The notion and extent of the
presumption of innocence in competition law, and in the ECB supervisory proceedings is analysed
in Sects. 6.3.5–6.3.6.
95
Cf. Montecatini v Commission, Case C-235/92 P, 8.07.1999, ECLI:EU:C:1999:362, §§ 175–176;
Groupe Danone v Commission, Case T-38/02, 25.10.2005, ECLI:EU:T:2005:367, §§ 215–216.
96
Romana Tabacchi Srl v European Commission, Case T-11/06, 5.10.2011, ECLI:EU:T:2011:560,
§§ 129.
97
FRANSSEN Rørindustri A/S (C-189/02 P), Isoplus Fernwärmetechnik Vertriebsgesellschaft
mbH and Others (C-202/02 P), KE KELIT Kunststoffwerk GmbH (C-205/02 P), LR af 1998 A/S
(C-206/02 P), Brugg Rohrsysteme GmbH (C-207/02 P), LR af 1998 (Deutschland) GmbH
(C-208/02 P) and ABB Asea Brown Boveri Ltd (C-213/02 P) v Commission of the European
Communities, Joined Cases C-189/02 P, C-202/02 P, C-205/02 P to C-208/02 P and C-213/02 P,
28.06.2005, ECLI:EU:C:2005:408, § 202.
the consideration that recognizing so “would infringe seriously on the effectiveness

of Community competition law”98 and on the explicit provision of Council
Regulation No 1/2003 on the implementation of the rules on competition. Indeed,
according to Article 23(5) of such Regulation—a provision mainly originated, in a
pre-Lisbon context, by the will of Member States to deny any competence in crimi-
nal matter to the European Community99—fines in this field “shall not be of a crimi-
nal law nature”.100
This restrictive case-law still persists today, even though the statutory label
attributing a certain nature to a fine is considered by the Court in Strasbourg, and in
other fields of law, by the same Court of Justice, only a residual criterion.101
Indeed, outside of competition law, the CJEU adoption of the Engel criteria has
been much more explicit, starting from the 2009 Spector decision, concerning a
preliminary ruling in a Belgian insider dealing case, where the Court recognized the
substantial criminal nature of the applicable sanctions “in the light of the nature of
the infringements at issue and the degree of severity of the sanctions which may be
imposed”.102
The Engel criteria had also been applied by the CJEU in other preliminary rul-
ings, such as the 2012 Bonda case, concerning administrative penalties at EU level
on recipients of agricultural aid103; in the landmark decision Fransson (2013),104
98
Cf. Volkswagen v Commission, Case C-338/00 P, 18.09.2003, ECLI:EU:C:2003:473, §§ 96–97;
Compagnie maritime belge v Commission, Case T-276/04, 1.07.2008, ECLI:EU:T:2008:237, § 66.
99
Cf. Waelbroeck and Frignani (1997), p. 419 and references; Legros (1964), p. 194.
100
Article 23(5), Council Regulation (EC) No 1/2003 of 16.12.2002 on the implementation of the
rules on competition laid down in Articles 81 and 82 of the Treaty, which was already contained
also in the previous version of the Regulation, see Article 15(4) Regulation No 17: First Regulation
implementing Articles 85 and 86 of the Treaty, of 6.02.1962.
101
Cf., e.g., Shell v Commission, Case T-11/89, 10.03.1992, ECLI:EU:T:1992:33, §§ 39 and 349;
Tetra Pak International SA v Commission of the European Communities, Case T-83/91, 6.10.1994,
ECLI:EU:T:1994:246, § 235; Cimenteries Cbr and Others v Commission, Joined Cases T-25/95,
T-26/95, T-30/95 TO T-32/95, T-34/95 TO T-39/9S, T-42/95 TO T-46/95, T-48/95, T-50/95 TO
T-65/95, T-68/95 TO T-71/95, T-87/95, T-88/95, T-103/95 and T-104/95, 15.03.2000,
ECLI:EU:T:2000:77, § 718; HFB Holding für Fernwärmetechnik Beteiligungsgesellschaft mbH &
Co. KG and Others v Commission, Case T-9/99, 20.03.2002, ECLI:EU:T:2002:70, § 390; Schindler
Holding Ltd and others, Case T-138/07, 13.07.2011, ECLI:EU:T:2011:362, § 54; Bolloré v
European Commission, Case T-372/10, 27.07.2012, ECLI:EU:T:2012:325, § 54; Coats Holdings
Ltd v European Commission, Case T-439/07, 27.06.2012, ECLI:EU:T:2012:320, §§ 169 and 171;
and, de facto, in Powszechny Zaklad Ubezpieczen na Zycie S.A., Case C-617/17, 3.04.2019,
ECLI:EU:C:2019:283.
102
Spector Photo Group, Case C-45/08, 23.12.2009, ECLI:EU:C:2009:806, § 42; cf., e.g., Tison
and Vandendriessche (2010); Hansen (2010), pp. 98–105.
103
Criminal proceedings against Łukasz Marcin Bonda, 5.06.2012, C-489/10, ECLI:EU:C:2012:319,
§ 36–46; see also Opinion of Advocate General Kokott, in Case C-489/10, delivered on 15.12.2011,
§§ 42–71.
104
Judgement in Åklagaren v Hans Åkerberg Fransson, C-617/10 [GC], 26.02.2013,
ECLI:EU:C:2013:280, §§ 35–37 (analysed below with regard to the scope of application of the
Charter and to the extent of the ne bis in idem protection in the EU legal order, see Sect. 2.3.3).
and in Menci (2018),105 both concerning double-track proceedings in tax matter; and
in two decisions on market abuse, Garlsson Real Estate SA and Di Puma-Zecca
(both from 2018106).
In Bonda and Fransson, in particular, the Court clearly declared the need to
apply the Engel criteria also in the interpretation of EU law, even though—as high-
lighted by Advocate General Campos Sánchez-Bordona—the Court’s implementa-
tion of the criteria differs: While in Bonda “it applied the Engel criteria itself before
accepting that the administrative penalty imposed on farmers in receipt of unlawful
aid was criminal in nature; in the latter […] the Court referred the application of
those criteria” to the national court.107
This second approach was confirmed but partially amended in Menci and
Garlsson where, referring to its previous jurisprudence on the matter of
immigration,108 the CJEU reminded how “although it is for the referring court to
assess, in the light of those criteria, whether the criminal and administrative pro-
ceedings and penalties at issue in the main proceedings are criminal in nature for the
purposes of Article 50 of the Charter, the Court, when giving a preliminary ruling,
may nevertheless provide clarification designed to give the national court guidance
in its assessment”.109
In this sense, the CJEU, substantially reproducing the case-law of the Court in
Strasbourg, confirmed the residual value of the first Engel criterion, and recom-
mended that, in the assessment concerning the second (intrinsic nature of the
offence), the mere fact that a penalty pursues not only punitive but also deterrence
purposes does not per se make it administrative in substance, while, “by contrast, a
measure which merely repairs the damage caused by the offence at issue is not
criminal in nature”.
In Garlsson, in particular, the CJEU affirmed how a penalty that “may, in certain
circumstances […] be increased by up to 3 times its amount or up to an amount 10
times greater than the proceeds or profit obtained from the offence” and that
moreover “always involves the confiscation of the product or the profit gained as a
105
Criminal proceedings against Luca Menci, Case C-524/15, 20.03.2018, ECLI:EU:C:2018:197,
§§ 26–33, cf. Galluccio (2018).
106
Garlsson Real Estate SA and Others v Commissione Nazionale per le Società e la Borsa
(Consob), Case C-537/16, 20.03.2018, ECLI:EU:C:2018:193, §§ 28–35; Enzo Di Puma v
Commissione Nazionale per le Società e la Borsa (Consob) and Commissione Nazionale per le
Società e la Borsa (Consob) v Antonio Zecca, Joined Cases C-596/16 and C-597/16, 20.03.2018,
ECLI:EU:C:2018:192, § 38; cf. Galluccio (2018).
107
Cf. Opinions of Advocate General Campos Sánchez-Bordona, delivered on 12.09. 2017, in case
Menci (C-524/15), §§ 28–31 and note 20; in case Garlsson Real State SA (C-537/16), §§ 62–68;
and in Joined cases Di Puma (C-596/16) and Zecca (C-597/16), §§ 58–63. See Simonato (2017).
108
Bashir Mohamed Ali Mahdi, Case C-146/14 PPU, 5.06.2014, ECLI:EU:C:2014:1320, §§ 79 and
case-law there cited.
109
Cf. Menci, Case C-524/15, § 27; Garlsson Real Estate SA, Case C-537/16, § 29. This interpreta-
tion was also supported by Advocate General Campos Sánchez-Bordona, that called for a smoother
application of the Engel case-law at national level, encouraging the Court to provide some addi-
tional criteria (Opinions cit., especially in Menci, §§ 110–119).
result of the offence and the goods used for the commission thereof […] is not only
intended to repair the harm caused by the offence” but pursues also a punitive pur-
pose and accordingly, possess a substantial criminal nature.110
With regard to the third Engel criterion, the Court also recognised that fines con-
sisting “of 30%” of the tax due or which can be of an amount “up to 10 times greater
than the proceeds or profit obtained” have a “high degree of severity which is liable
to support the view that that penalty is of a criminal nature”.111
The CJEU, therefore, although formally leaving the determination of the crimi-
nal matter to national judges, de facto requires an harmonized interpretation of the
latter, mostly based on sub-criteria that seem to be aligned (at least, so far) with
those developed by the European Court on Human Rights.
This conclusion allows to question the aforementioned interpretation of the
CJEU over the nature of some competition fines. Indeed, already during the negotia-
tions of Regulation 1/2003, the European Parliament considered “probable” that
“the fines which can be imposed by the Commission come to be regarded as crimi-
nal penalties for the purposes of Article 6” ECHR.112 Their classification as merely
administrative has been considered questionable by legal scholars,113 former mem-
bers of the Court,114 and the same Commission.115 A substantial “sanctionative”
nature to competition fines has also been recognized in several Opinions submitted
before the Court by different Advocates General in the last two decades.116
110
Cf. Menci, Case C-524/15, § 31; Garlsson Real Estate SA, Case C-537/16, §§ 33–34.
111
Cf. Menci, Case C-524/15, § 33; Garlsson Real Estate SA, Case C-537/16, § 35.
112
European Parliament position, 1st reading or single reading, OJ [2002] C 72/236, 21.03.2002.
113
See, among others, Bronckers and Vallery (2011), p. 542; Ehlermann (1994); Slater et al. (2008),
pp. 7–8; Jones and Sufrin (2016), pp. 897–898 and literature mentioned there, reporting how “in
the EU it had already been generally accepted that the Commission’s fining procedures were ‘crim-
inal’ within Article 6 ECHR”; D’Ambrosio (2017), p. 1032.
114
Cf. Everling (2007), pp. 773–789; Id. (2008), pp. 527–531.
115
Cf. Wils (2004), p. 209, according to which “it appears difficult to deny that the application of
the criteria set out in the case law of the European Court of Human Rights leads to the conclusion
that proceedings based on Regulation No 1/2003, leading to decisions in which the Commission
finds violations of Articles 81 or 82 EC, orders their termination and imposes fines relate to “the
determination of a criminal charge” within the meaning of Article 6 ECHR”; Veenbrink (2015), p.
131.
116
See Advocate General Ruiz-Jarabo Colomer in the Cement cases (cf. also below, Sect. 2.3.3);
Opinion of Adovcate General Sharpston, delivered on 10.02.2011, in Case C-272/09 P, KME
Germany AG, KME France SAS and KME Italy SpA v European Commission, ECLI:EU:C:2011:63,
§§ 60–67 and in particular § 64 “In the light of those criteria, I have little difficulty in concluding
that the procedure whereby a fine is imposed for breach of the prohibition on price-fixing and
markeT-sharing agreements in Article 81(1) EC falls under the ‘criminal head’ of Article 6 ECHR
as progressively defined by the European Court of Human Rights”; Opinion of Advocate General
Ruiz-Jarabo Colomer, delivered on 11.02.2003, in Case C-217/00 P, Buzzi Unicem v Commission,
ECLI:EU:C:2003:83, § 29: “The procedure for finding infringements of Articles 81 EC and 82 EC
is sanctionative by nature. As well as putting an end to anti-competitive practices, it seeks to punish
the conduct which gave rise to them and confers on the Commission the power to impose financial
penalties on those responsible. To that end, the Commission has wide powers of investigation and
inquiry but, precisely because of that nature and because one and the same body is invested with
anaging the Risk of Transnational Bis in idem:

2.3.1 M
Double Jeopardy Clause in the US Federal Legal System
In Europe, as it will be further illustrated, the application of the Engel case-law

brought disruptive effects on one of the most critical profiles concerning the interac-
tion between administrative and criminal matters: The principle of ne bis in idem.
This profile, however, is also extremely problematic in legal contexts, like the
United States, where the definition of criminal matter is still linked to formal, rather
than substantial parameters.
The enforcement of the prohibition of bis in idem has long been recognized as a
fundamental right by several international, regional and national legal sources.117
Already considered a severe risk with regard to stricto sensu criminal proceed-
ings, multiple prosecutions and/or punishment become particularly significant in
the context of transnational relationships, and multi-disciplinary regulations, which
present a number of “systemic disadvantages” for the subjects under investigation,
starting from a shuttling among jurisdictions, courthouses and independent authori-
ties which causes a loss of “whatever minimal sense of stability, reliability, and
security a defendant would have been able to muster in the case of successive single-
sovereign prosecutions”.118
A poor regulation of multiple proceedings, however, may result detrimental also
under a prosecutorial point of view. In a time in which a huge part of financial inves-
tigation involves authorities belonging to different countries, the shortage of com-
mon criteria for allocating jurisdiction at the transnational level (among national
judicial authorities, and among the latter and national administrative authorities)
risks resulting in a “first come first served”119 approach, which is neither adequate in
guaranteeing the defence its fundamental rights, nor efficient in fighting crime.
the power to conduct investigations and the power to take decisions, the rights of defence of those
subject to the procedure must be recognised without reservation and respected”; Opinion of
Advocate General Léger, delivered on 3.02.1998, in Case C-185/95 P, Baustahlgewebe GmbH v
Commission of the European Communities, ECLI:EU:C:1998:37, at 31 “It cannot be disputed—
and the Commission does not dispute—that, in the light of the case-law of the European Court of
Human Rights and the opinions of the European Commission of Human Rights, the present case
involves a ‘criminal charge’”; Opinion of Advocate General Vesterdorf, delivered on 10.07.1991,
in Case T-1–4 and 6–15/89, Rhône–Poulenc SA v Commission of the European Communities,
ECLI:EU:T:1991:38, pp. 884–885 “In view of the fact—in my view confirmed to some extent by
the judgment of the Court of Human Rights in the Öztürk case10—that the fines which may be
imposed on undertakings pursuant to Article 15 of Regulation No 17/62 do in fact, notwithstanding
what is stated in Article 15(4), have a criminal law character […]”.
117
Such as Article 14(7) of the International Convenant on Civil and Political Rights of 19
December 1995 (United Nations, Treaty Series, vol. 999, p. 171); Article 20 of the Rome Statute
establishing the International Criminal Court (UN Doc A/CONF 183/9). For an historical recon-
struction of the origin of the principle see, e.g., Dissenting Opinion of Judge Pinto De Albuquerque
in ECtHR, A and B v Norway, 15.11.2016, Applications nos. 24130/11 and 29758/11, §§ 3–15; see
also Nascimbene (2018).
118
Cf. Adler (2014), p. 475.
119
Luchtman and Vervaele (2014a), p. 219; Luchtman (2017), p. 194; Luchtman (2013).
Indeed, against this background, it is totally possible for one jurisdiction to bar
prosecution in another one simply carrying out faster proceedings (criminal or
administrative), or even using “sham” trials or sanctions.120
The issue emerges quite critically in multi-level systems, whose organization in
multiple local and central structures brings, by definition, much more internal con-
flicts.121 That is true for the US, which presents a model with a clear separation
between federal and local jurisdictions, and it is even more evident in the European
Union, which is not equipped by an autonomous judicial system, and where such a
distinguishing is far more blurring to detect, as often also in matters falling within
the competence of the Union, the law applicable to a concrete case derives from the
combination of EU and national provisions.122
In addition, the EU still lacks an efficient regulation on the prevention and settle-
ment of transnational conflicts of jurisdiction in criminal proceedings. To be pre-
cise, Council Framework Decision 2009/948/JHA has created an obligation for
Member States to enter direct consultations in case the existence of parallel pro-
ceedings is established, in order to reach a consensus on the State where to allocate
them.123 Whether it is not possible to find an agreement, the Framework Decision
identifies in Eurojust the subject with the power to decide over such conflicts.124
However, according to the Decision, Eurojust’s written opinions do not have bind-
ing value over the conflicting parties, and thus they do not really constitute an effec-
tive tool in this field, unless the latter are already prone to agree upon a common
solution.125
Given this context, both in the US and in the EU, the protection provided against
double jeopardy assumes a pivotal role in shaping the practical development of an
investigation, and especially the real degree of guarantees that the parties involved
in it can rely upon.
In the US, the ne bis in idem principle arises above all from the Fifth Amendment
of the Constitution, which states that “nor shall any person be subject for the same
offense to be twice put in jeopardy of life or limb”.126 There are two main elements
of this provision that shall be underlined in light of the case-law of the US Supreme
120
Cf. Adler (2014), p. 477.
121
For the notion of multi-level systems and their relevance to this analysis cf. below Sect. 2.4.
122
On the hybrid nature of EU law, see below Sect. 2.4.
123
Cf. Article 10, Council Framework Decision 2009/948/JHA of 30.11.2009 on prevention and
settlement of conflicts of exercise of jurisdiction in criminal proceedings.
124
Cf. Article 12(2), Council Framework Decision 2009/948/JHA.
125
Cf. Article 7(2), Council Decision 2009/426/JHA of 16.12.2008 on the strengthening of Eurojust
and amending Decision 2002/187/JHA setting up Eurojust with a view to reinforcing the fight
against serious crime. For an analysis of the issue see, e.g., Vervaele (2013a), p. 173; Id. (2017),
pp. 180–183; Amalfitano (2017), pp. 1027–1028; Id. (2009), p. 1293 et seq.
126
The principle is also provided, with little practical effect on US courts, by the American
Convention on Human Rights (as interpreted by the Inter-American Court of Human Rights), cf.
Article 8(4), American Convention on Human Rights: “An accused person acquitted by a non-
appealable judgment shall not be subjected to a new trial for the same cause”.
Court (USSC), which may be dated back to the 1873 case Ex Parte Lange.127 First,
although the text explicitly mentions only proceedings threatening “life or limb”,
the protection of the Fifth Amendment has been extended to all felonies, misde-
meanours and juvenile offenses, regardless from the kind of punishment prescribed.
Second, when it comes to the definition of idem, the US Constitution clearly opted
for a formal criterion, that is the legal qualification of the conduct (“same offence”),
rather than focusing on the recognition of the “same fact”.128
At federal level, the most renowned criteria applied by the USSC to define the
concept of “sameness” have been famously established in the 1932 decision
Blockburger v United States. Under that decision, “A single act may be an offense
against two statutes; and if each statute requires proof of an additional fact which
the other does not, an acquittal or conviction under either statute does not exempt
the defendant from prosecution and punishment under the other”.129 Accordingly
only if offences contain identical elements or if one is a lesser-included offense of
the other, they are considered as the same offence.
This interpretation has been criticized under opposite perspectives.130 From one
side, one could argue that Blockburger established a too-broad criterion, as the pos-
sibility to “irrebuttably bar also proceedings for not exactly the same offence” (such
as attempted murder, and premeditated murder; robbery and armed robbery) repre-
sents an obvious violation of the very letter of the Constitution.131
On the contrary, it could also be claimed that the test unreasonably limits the
level of protection granted by the Fifth Amendment, since Blockburger makes pos-
sible for the same subject to be prosecuted multiple times for the same conduct as
long as the charged offences are “sufficiently” differentiated in the applicable legis-
lation (such as, for instance, prosecution for continuing criminal enterprise against
a subject who had already been convicted of a lesser-included predicate drug fel-
ony132). According to some authors, the test does not deprive defendants from their
rightful constitutional protection, as the double jeopardy clause is supplemented by
“several broader but more flexible commonsense principles protected by the Due
Process Clause” expressed by the Fourteenth Amendment, such as the principle of
127
85 U.S. 163 (1873). In that case, even if the relevant statute only authorized one of two punish-
ments (fine or imprisonment), the defendant was convicted with both. The decision was overruled
by the Supreme Court. The caselaw was confirmed also over the years, see e.g., North Carolina v.
Pearce, 395 U.S. 711, 716-18 (1969); and Whalen v. United States, 445 U.S. 684, 689 (1980)
according to which, “If a federal court exceeds its own authority by imposing multiple punish-
ments not authorized by Congress, it violates not only the specific guarantee against double jeop-
ardy, but also the constitutional principle of separation of powers”.
128
Cf., e.g., Böse (2017), p. 211 et seq.
129
284 U.S. 299 (1932), in conformity with the Supreme Court of Massachusetts in Morey v
Commonwealth, 108 Mass. 433 (1871).
130
Contra, affirming that Blockburger represents an example that should be followed also by the
European Court on Human Rights, see Trechsel (2005), p. 398.
131
Cf., e.g., Amar (1997), p. 1819.
132
As occurred in Garrett v. United States, 471 U.S. 773 (1985).
collateral estoppel,133 “and by certain other rules and principles rooted in the Sixth
Amendment Jury Trial Clause”.134
For others, instead, this goal could be achieved thanks to a non-literal interpreta-
tion of Blockburger, which should lead courts to take a “functional approach” that,
comparing different statutes, support them in discerning whether the latter substan-
tively describe the same offense. This approach should be based on a clear identifi-
cation of the interests involved, allowing multiple prosecution only as much as it is
necessary to vindicate those which have not already been vindicated by a State in
the first proceeding.135
Besides for the academic debate however, over the years the Supreme Court has
generally confirmed the validity of the Blockburger test, with a few relevant detours.
The best-known exception in this sense is the 1990 five-to-four votes decision
Grady v Corbin, a proceeding in which the defendant, driving while being drunk,
killed one person and seriously injured another. In that case, the Court acknowl-
edged that under Blockburger, for the same conduct the defendant could have been
tried already four times (for failure to keep right of the median, for driving while
intoxicated, for assault, and for homicide). To avoid this effect, the USSC upheld the
defendant’s argument according to which the Double Jeopardy clause barred a later
prosecution for reckless manslaughter and criminally negligent homicide, once
Corbin had already plead guilty for traffic infringements.136 The Court explicitly
stated that “[A] technical comparison of the elements of the two offenses as required
by Blockburger does not protect defendants sufficiently from the burdens of multi-
ple trials […] Thus, a subsequent prosecution must do more than merely survive the
Blockburger test […] The double-jeopardy clause bars any subsequent prosecution
in which the government, to establish an essential element of an offense charged in
that prosecution, will prove conduct that constitutes an offense for which the defen-
dant has already been prosecuted”.137
But this substantive overruling did not last long. No later than in 1993, in another
five-to-four decision, United States v Dixon, the Supreme Court affirmed that
although it “does not lightly reconsider precedent, it has never felt constrained to
follow prior decisions that are unworkable or badly reasoned”. Specifically, Grady
was accused by the Court of having “contradicted an unbroken line of decisions”,
“produced confusion”, and “proved unstable in application”.138
133
Collateral estoppel is “A doctrine barring a party from relitigating an issue determined against
that party in an earlier action, even if the second action differs significantly from the first one” cf.
Garner (2014), p. 318.
134
Cf. Amar (1997), p. 1809.
135
Adler (2014), pp. 451–483.
136
Against a similar conclusion, in the European academic debate, e.g. authoritatively Cordero
(2012), p. 1204 et seq.
137
495 U.S. 508 (1990).
138
509 U.S. 688 (1993), according to which: “The double-jeopardy clause’s protection attaches in
non-summary criminal contempt prosecutions just as it does in other criminal prosecutions. In the
contexts of both multiple punishments and successive prosecution, the double–jeopardy bar
applies if the two offenses for which the defendant is punished or tried cannot survive the ‘same
elements’ or ‘Blockburger’ test”.
This criticism was shared also by distinguished scholars, which first pointed out
how the reasoning of Grady was not apt to the facts of the concrete proceedings,
where no prejudice for the defendants was at stake.139 Moreover, the overruling was
not considered necessary in light of the Ashe doctrine, according to which the gov-
ernment is barred by the collateral estoppel principle from relitigating an issue of
fact resolved in the defendant’s favour, while defendants remain free to contest
issues already decided in favour of the government: That gives “the state a strong
disincentive to split one case into four for strategic reasons. Whenever the state
prevails on a contested issue in the first trial, it will have to prove it all over again in
later trials, but if it loses once on an issue, it loses forever”.140
Reconsidered its previous orientation, the Supreme Court thus reinstated the
Blockburger test as the unique criteria upon which to evaluate potential violations of
the principle of ne bis in idem. The following year, however, the USSC with
Department of Revenue v. Kurth Ranch again issued a somehow ambiguous deci-
sion on the matter, and especially on the relationship between criminal and civil law
sanctions.141 The case concerned several members of the Kurth family, finally con-
victed by the State of Montana for drugs charges, and then pressed by the same
State with civil charges based on a special civil law imposing particular taxes on
illegal drugs. In this decision, the Supreme Court adopted an idea of sameness
which clearly departed from the formalistic approach of Blockburger. Taking into
account that both proceedings concerned the same “conduct”, the USSC in fact
recognized a violation of the principle of ne bis in idem in the carrying out of the
civil trial, and accordingly nullified it.
In the following years, however, the Blockburger test continued to be applied by
the Supreme Court,142 and its criteria achieved great success also beyond the federal
level, being adopted as the criteria to determine violation of double jeopardy also by
the majority of state jurisdictions.143
Against this case-law, a few further fundamental considerations should be kept
in mind to correctly understand the effectiveness of the protection from bis in idem
in the US.
First, since its 1833 landmark decision Barton v. Baltimore, the Supreme Court
affirmed that the Federal Bill of Rights, including the Fifth Amendment, applies at
federal level, but does not bind State legislators or judiciary.144 The recognition of
double jeopardy clause at State level was acknowledged only in 1969, when the
Court stated that such obligation could derive from the Due Process Clause of the
Fourteenth Amendment.145
139
Amar (1997), pp. 1831–1835.
140
Cf. Ashe v. Swenson, 397 U.S. 436, 453 (1970).
141
114 S. Ct. 1937 (1994).
142
Cf., e.g., Texas v. Cobb, 532 U.S. 162 (2001).
143
For a complete list, see Klein (2000), notes 44–49.
144
32 U.S. (7 Pet.) 243 (1833). See also Fox v. Ohio, 46 U.S. (5 How.) 410 (1847).
145
Benton v. Maryland, 395 U.S. 784 (1969).
However, already in the 1852 case Moore v. Illinois, the USSC considered that
“every citizen of the United States is also a citizen of a State or territory. He may be
said to owe allegiance to two sovereigns, and may be liable to punishment for an
infraction of the laws of either. The same act may be an offence or transgression of
the law of both”.146
On such basis, the Supreme Court elaborated the so-called “dual sovereignty
doctrine”. As explained in the 1985 decision Heath v. Alabama, this theory affirms
that “When a defendant in a single act violates the “peace and dignity” of two sov-
ereigns by breaking the laws of each, he has committed two distinct “offences.” As
the Court again explained in Moore v. Illinois, “[a]n offence, in its legal significa-
tion, means the transgression of a law.” Consequently, when the same act trans-
gresses the laws of two sovereigns, “it cannot be truly averred that the offender has
been twice punished for the same offence; but only that by one act he has committed
two offences, for each of which he is justly punishable””.147
Following this case-law, which applies also if the offenses at stake contain identi-
cal elements or even if they are expressed at statutory level with identical wording,
in the US currently the prohibition of bis in idem does not enjoy basically any trans-
national dimension, that is the protection proves effective only within the federal or
the domestic level in which the proceeding has been carried out. In practice there-
fore, whilst nobody in principle shall be tried twice for the same offense, in the US
a same defendant could be legitimately prosecuted for separate crimes arising from
the same underlying facts first at federal and then at State level, or vice versa, or in
different States; a situation which is far from been uncommon.148
146
Moore v. Illinois, 55 U.S. (14 How.) 13 (1852), at 20.
147
Heath v. Alabama, 474 U.S. 82, 88 (1985) (citations omitted). For an analysis of the dual–
sovereigntydoctrine, see Amar and Marcus (1995), proposing to abolish the dual sovereignty
doctrine except for offenses “committed by state officials and implicating the federal government’s
unique role under Section 5 of the Fourteenth Amendment”; cf. also Dawson (1992); Hellmann
(1994).
148
For a reference on the impact of the doctrine, cf., e.g., Adler (2014), p. 456, note 27 where he
reports the following cases “Heath v. Alabama, 474 U.S. 82 (1985) (Alabama obtained a convic-
tion and the death penalty after the defendant pleaded guilty to avoid the death penalty in Georgia);
United States v. Wheeler, 435 U.S. 313 (1978) (a defendant pleaded guilty in a tribal court to dis-
orderly conduct and contributing to delinquency of a minor, only to be charged by the federal
government for statutory rape); Abbate v. United States, 359 U.S. 187 (1959) (defendants pleaded
guilty in Illinois to conspiring to destroy property and were subsequently charged and convicted by
the federal government for conspiring to destroy a telephone system); United States v. Lanza, 260
U.S. 377 (1922) (defendants were convicted of and punished for violating state prohibition laws in
Washington and were then charged for the same offense by the federal government); United States
v. Ng, 699 F.2d 63 (2d Cir. 1983) (defendants pleaded guilty to state firearms charges in
Massachusetts and were then convicted of federal firearms charges); United States v. Grimes, 641
F.2d 96 (3d Cir. 1981) (Grimes was found guilty of armed robbery by the federal government and
was sentenced to twenty years in prison; he then pleaded guilty to state charges for the same
offense and received an additional twenty-two to twenty-four year prison sentence, to be served
consecutively); Evans v. State, 481 A.2d 1135 (Md. 1984) (defendants were convicted in federal
court of conspiracy to violate victims’ civil rights and were then indicted in state court for murder
and conspiracy to commit murder for the same offense); Commonwealth v. Mills, 286 A.2d 638
Unsurprisingly, the dual sovereignty doctrine has been, and still is harshly criti-
cized at the academic level due to its detrimental effects on the defendant(s), for
which it has been defined as a “giant blind spot in double jeopardy jurisprudence”.149
Nonetheless, the doctrine remains in place, significantly reducing the impact of the
Double Jeopardy Clause.
This is not however the only reason why protection from double prosecution and
punishment is not extremely effective in the US. The moment from which it is pos-
sible to invoke this right shall also be taken into account.
Indeed, following the USSC case-law, if someone is charged with a crime, the
Double Jeopardy Clause attaches at different points depending on the type of case and
its procedural posture: Once the jury is sworn,150 (in cases requiring a jury, despite
some recommendations to anticipate it since the moment of the indictment)151; when
the first witness is sworn (for cases tried by a judge without a jury); when the court
first hears evidence in a juvenile proceeding; or when the court accepts a plea agree-
ment between a defendant and a prosecutor.152
This last case is especially relevant since, as renowned, in the US over 90% of
State and federal prosecutions end with plea bargains, inasmuch as the Supreme
Court had declared that the latter “is the [US] criminal justice system”.153 According
to Rule 11 Fed. R. Crim. P., trial judges enjoy discretion to accept or reject the terms
of most plea bargains, a power which does not end until the sentence has been
enforced.154 A particularly critical situation thus emerges in case the plea is first
accepted, but then vacated ex officio by the court.
(Pa. 1971) (defendants pleaded guilty to federal bank robbery charges and were then convicted
under a similar state statute in Pennsylvania)”. See also Henning (2012).
149
Adler (2014), p. 483. See also pp. 450–451, where the author reports how scholars either opted
for the doctrine to be totally abolished (see, e.g., Cranman (2000); Braun (1992)); replaced (see,
e.g., Camina (1981), proposing a system that would avoid successive state-federal prosecutions by
allowing the federal government to intervene and selectively preempt a state prosecution); or mod-
ified (see, e.g., Amar and Marcus (1995), proposing to abolish the dual sovereignty doctrine except
for offenses committed by state officials and implicating the federal government’s unique role
under Section 5 of the Fourteenth Amendment).
150
See Crist v. Bretz, 437 U.S. 28, 32–38 (1978). According to early American doctrine, the Clause
attached once the jury renders its verdict, see Story (1991), pp. 659–660.
151
See Amar (1997), p. 1808 et seq.
152
Cf. United States v. Jerry, 487 F.2d 600, 606 (3d Cir. 1973); United States v. Vaughan, 715 F.2d
1373, 1378 n.2 (9th Cir. 1983); United States v. Patterson, 381 F.3d 859, 864 (9th Cir. 2004) (citing
Vaughan, 715 F.2d at 1378 n.2); see also Hammond (2005), pp. 467–468.
153
Cf. Missouri v. Frye, 132 S. Ct. 1399, 1407 (2012), as reported by Chinn (2013). The Court
recognized that 97% of convictions in the federal system and 94% of convictions in the state sys-
tem result from guilty pleas. As it has been highlighted, the high rate of guilty pleas signifies
widespread judicial acceptance of the assumption “that the screening processes operated by police
and prosecutors are reliable indicators of probable guilt”, cf. Packer (1964), p. 11.
154
Full discretion is granted for agreements to move for dismissal or not to bring other charges
(Rule 11(c)(1)(A)) and agreements to “recommend, or agree not to oppose the defendant’s request,
that a particular sentence or sentencing range is appropriate or that a particular provision of the
Sentencing Guidelines, or policy statement, or sentencing factor does or does not apply” (Rule
11(c)(1)(B)). The only type of plea which binds the court once it is accepted is that in which the
In this case, in fact, the traditional rule according to which “after a court accepts
defendant’s guilty plea to a lesser included offense, prosecution for the greater
offense violates the Double Jeopardy Clause”155 has been partially overruled by the
jurisprudence following the 1984 USSC decision Ohio v. Johnson.156
Indicted of involuntary manslaughter, grand theft, murder and aggravated rob-
bery, Mr. Johnson pleaded guilty to the first two charges—a plea which was accepted
by the Court despite of the objection of the prosecutor. On review, the Supreme
Court rejected the motion of the defendant for the dismissal of the remaining
offences on the basis that this would violate his Double Jeopardy protection. The
Court affirmed that he did not have an interest in finality or in protection from pros-
ecutorial overreaching in this case, and thus could not make an “offensive use” of
the guilty plea and of the prohibition of bis in idem “as a sword to prevent the State
from completing its prosecution on the remaining charges”.157
The specific circumstances of this case, however, appear to have been overlooked
in its following application.158 In United States v. Soto, just to mention one, the First
Circuit did not take into account the difference between an ordinary and an “offen-
sive” use of plea bargains by the defendant.
On the contrary, the Court stated that “[u]nderlying Johnson is the proposition
that an acceptance of a guilty plea is legally different from a conviction based on a
jury’s verdict”. Thus, since the judges’ “mere acceptance of a guilty plea does not
carry the same expectation of finality and tranquillity that comes with a jury’s ver-
dict or with an entry of judgment and sentence”, the Court concluded that “jeopardy
did not attach when the district court accepted the guilty plea to the lesser included
offense and then rejected the plea without having imposed sentence and entered
judgment”.159
As a result of this over-broad reading of Johnson, defendants pleading guilty
may see their Double Jeopardy protection been “essentially stripped” in cases where
their plea is vacated by the court on its own motion.160
prosecution and defendant agree on “a specific sentence or sentencing range… or that a particular
provision of the Sentencing Guidelines, or policy statement, or sentencing factor does or does not
apply” (Rule 11(c)(1)(C)), cf. also Chinn (2013), pp. 300–301.
155
Morris v. Reynolds, 264 F.3d 38 (2d Cir. 2001), at 49.
156
Ohio v. Johnson, 467 U.S. 493 (1984).
157
Ohio v. Johnson, p. 502.
158
Cf. Chinn (2013), p. 302.
159
United States v. Soto, 825 F.2d 616, 620 (1st Cir. 1987), pp. 619–620. In this case, Mr. Soto, a
postal service inspector, pleaded guilty to a misdemeanor charge of obstructing the passage of cor-
respondence, but professed his innocence. Ex officio, the judge decided to dismiss the charges and
the plea. About 4 months later, Mr. Soto was indicted by a grand jury on two felony charges related
to the previous allegations: theft of mail matter and obstruction of correspondence; his motion to
dismiss the charges was denied and he was he was found guilty by the jury.
160
As it has been pointed out by many authors, see e.g. Chinn (2013), p. 305. Supporting the need
to increase protection from double jeopardy in plea bargains also Adler (2014), p. 472 et seq. On
the topic see also Goode (2012).
Lastly, a third element shall be taken into account, especially in a comparative

view with the European legal framework.
As much as the aforementioned Kurth case seemed to open towards a substantive
approach in the definition of criminal matter, since its 1938 decision Helvering v.
Mitchell, the Supreme Court generally tends not to recognize violation of the Double
Jeopardy Clause when punitive but not formally criminal proceedings are involved,
even if they are carried out by authorities or entities with a clear competence in
criminal matter, such as law-enforcement, or if they entail a punitive content.161
A clear example in this sense is provided by “civil-assets forfeiture” or “in rem”
proceedings. Provided for, at federal level, by several provisions, such as 15 U.S.C.
§ 1177 (concerning gambling), 16 U.S.C. § 1860 (fishery), 18 U.S.C. § 981 (e.g.
money laundering, monetary transactions in property derived from specified unlaw-
ful activity, prohibition of unlicensed money transmitting businesses), 21 U.S.C. §
881 (e.g. controlled substances), civil forfeiture consists in the power to confiscate
private property, such as vehicles, money, or buildings, characterized by an alleged
link with criminal activities.162
In practice however, due to the complexity of this legal institute and of its legal
basis, the connection between the specific crime at stake and the confiscated thing(s)
results highly discretional, and the consequences of the forfeiture extremely puni-
tive if examined from the perspective of the affected individuals–not necessarily
limited to those suspected of having committed a crime (for instance several are the
cases in which family houses were forfeited for the mere cause that marijuana was
hidden or processed inside, e.g. by a minor163).
Moreover, unlike criminal forfeiture, civil forfeiture does not really require a
conviction or even a criminal charge towards the owner of the thing(s) to be carried
out—actually in most cases, people to whom property had been seized were never
criminally charged.164
Following this lack of personal liability, forfeiture proceedings are not brought
against people, but against the confiscated property (giving proceedings names such
161
Helvering v. Mitchell, 303 US 391 (1938). See also United States v Ward, 448 US 242, 249–250
(1984); United States v Halper, 490 US 435 (1989); Hudson v United States, 552 US 93, 99
(1997). For a brief but complete recollection of the case-law evolution of the USSC on the matter,
see Böse (2017), pp. 212–215.
162
For a complete overview on forfeiture in the US federal legal system, see U.S. Department of
Justice, Criminal Division, Asset Forfeiture and Money Laundering Section, 2015. https://www.
justice.gov/sites/default/files/criminal-afmls/legacy/2015/04/24/statutes2015.pdf. Accessed 18
July 2018. In the EU, a parallel to civil forfeiture might be drawn to a certain extent with the Italian
system of misure di prevenzione applicable in the field of organised crime, and established by
Legislative Decree no. 159 of 6.09.2011, which results highly critical in light of the ECtHR case-
law, before which several cases have been presented.
163
As reported by Oliver (2014).
164
According to the study published in 1995 by the Republican former congressman Henry Hyde,
80% of people whose property was seized by the federal government were never charged with a
crime, cf. Hyde (1995); see also Oliver (2014).
as United States of America v. Eight Thousand Eight Hundred and Fifty Dollars ($
8,850) in United States Currency, or United States of America … v. An Article …
Consisting of 50,000 Cardboard Boxes More or Less, Each Containing One Pair of
Clacker Balls, or United States of America v. Approximately 64,695 Pounds of Shark
Fins165).
However, in order to get their property back, owners of the seized items usually
have to prove their innocence, which is a heavy burden of proof considering that
they formally are not part of any proceeding, and thus could not even know which
(if any) specific criminal offense they have been charged with. Owners are also
granted few procedural rights, starting from the fact that civil forfeitures procedure
are carried out autonomously by law-enforcement, without the involvement or
authorization of any judge. Even more: In 1984, the Comprehensive Drug Abuse
and Prevention Act allowed police to keep and spend forfeiture proceeds, providing
a direct financial incentive to carry out these proceedings.166 In 1993 the Supreme
Court found civil forfeiture to be a form of punishment for purposes of applying the
Eighth Amendment’s protection against “excessive fines”.167
In its 1996 decision United States v. Ursery, however, the USSC ruled that ordi-
nary civil forfeiture proceedings, even if “perhaps having certain punitive aspects”
shall not be considered a punishment, because they serve “important nonpunitive
goals”. Their application, prior, subsequent or in parallel to a criminal proceeding
does not therefore represent a premise to invoke a violation of the principle of ne bis
in idem.168
As critically pointed out, in Ursery the Court “came close to claiming that the
civil suit at hand was merely an in rem action directed against a particular piece of
drug-related property itself […] and not against Guy Jerome Ursery himself, the
owner and occupant of the house. On this in rem logic, Ursery could not claim that
he had ever been previously convicted or acquitted in any way that would bar his
criminal prosecution. The rem gimmick here […] can lead to striking injustices if
we truly buy into the fiction that the rights of individual persons are not really at
stake in in rem actions”.169
Regardless for these critics, so far the USSC has generally narrowed the applica-
tion of the Double Jeopardy Clause only to stricto sensu criminal proceedings, gen-
erally denying this label when civil or administrative sanctions (even extremely
165
Cf. Oliver (2014).
166
Giving raise to what has been defined by the Institute for Justice (IJ), a “policing for profit”, as
reported in The Economist explains, What civil-asset forfeiture means, April 15th 2014. https://
www.economist.com/the-economisT-explains/2014/04/14/whaT-civil-asseT-forfeiture-means.
Accessed 18 July 2018.
167
Austin v. United States, 509 U.S. 602 (1993).
168
116 S. Ct. 2135, 2142–41 (1996).
169
Cf. Amar (1997), p. 1836: “and so the deepest lesson here is that when the Supreme Court over-
reads a clause in a prodefendant way, it often sets in motion a chain of events that can result in a
rather drastic curtailment of citizens’ rights somewhere else”.
punitive, such as the confiscation of homes through civil forfeiture) are involved.170
Against this background, the effectiveness of the principle of ne bis in idem in the
US appears rather patchy, to say the least: As it was perhaps ruthlessly but correctly
summarized, in the US “Double Jeopardy Clause provides protection from multiple
prosecutions and from multiple punishments. Except when it doesn’t”.171
The situation in Europe, however, is not necessarily much better.
2.3.2 N
e Bis In Idem Protection in the European Convention
on Human Rights
Relevant limitations in enforcing the principle of ne bis in idem may be observed

also in Europe, where the protection from double jeopardy is recognized by several
fundamental supranational legal sources. These sources, in fact, show some critical
profiles which substantially diminish their effectiveness, especially at the transna-
tional level.
The European Convention on Human Rights provides for the principle of ne bis
in idem at Article 4, Protocol No. 7, which establishes that “No one shall be liable
to be tried or punished again in criminal proceedings under the jurisdiction of the
same State for an offence for which he has already been finally acquitted or con-
victed in accordance with the law and penal procedure of that State”.172
In light of the consolidated case-law of the Court in Strasbourg, this principle
includes both the right not to be punished twice (“substantive” notion of ne bis in
idem), and that not to be tried twice (“procedural” notion of ne bis in idem).173
Similarly to the fair trial rights provided for in Article 6 ECHR, also the reference
to “criminal proceedings” included in this double jeopardy clause shall be read in
light of the Engel case-law discussed above.174 In the interpretation of the Court (at
least so far) the scope of the two provisions indeed coincides, covering both crimi-
nal law stricto sensu and administrative or disciplinary punitive law.175
170
See, e.g., In re John P., 311 Md. 700, 706, 537 A.2d 263, 266 (1988); In re Blessen H., 392 Md.
684, 706, 898 A.2d 980, 993–94 (2006); even if the possibility to recognize a violation of the
double jeopardy clause in case of civil penalty has been admitted exceptionally in United States v
Halper, 490 U.S. 435 (1989).
171
Cf. Adler (2014), p. 482; Matz (1997); King (1979); Lopez (2000).
172
Cf. Bleichrodt (2006), p. 983; Trechsel (2005), p. 402; Harris et al. (2014), p. 973.
173
Cf., among others, Franz Fischer v Austria, 29.05.2001, Application no. 37950/97, §§ 25–32;
Zolotukhin v Russia, 10.02.2009, Application no. 14939/03 [GC], §110. Although the principle
does not prevent from the re-opening of the case if evidence of new or newly discovered facts
emerge; on the ambiguity of Article 4 on this issue, see, e.g., Bleichrodt (2006), p. 983; Harris et al.
(2014), pp. 971 and 973.
174
See above, Sect. 2.3. On the non-inclusion of the principle of ne bis in idem among fair trial
rights, see, e.g., Harris et al. (2014), p. 970.
175
The identity of the notion of “criminal matter” under Articles 6 and 4, Protocol No. 7 ECHR had
already been underlined by the Court in Göktan v France, 2.07.2002, Application no. 33402/96, §
Article 4 which, according to the Protocol, cannot be derogated even in time of

emergency, however applies (as the whole ECHR) only to proceedings carried out
within the same domestic jurisdiction. The Convention is per se lacking any direct
transnational application, since so far it can be enforced only within, and not among
State jurisdictions.176
Nonetheless, it is undeniable that generally—with all due caution for the differ-
ent legal contexts, and the specificity of the single cases—the Court in Strasbourg
possesses a strong authority in disseminating the content of the Conventional rights
also beyond the direct addressees of its decisions. When it comes to the prohibition
of double jeopardy, however, the potential transnational effects of the ECtHR case-
law are partially limited by the formal location of the principle.
Being established in a Protocol to the Convention, and not in the Convention
itself, the prohibition of bis in idem can in principle be enforced only towards those
Member States who agreed to ratify it—which currently, even considering just EU
countries, do not include Germany, the Netherlands, and the UK.177 The Protocol
was not included either in the EU draft Accession Agreement to the ECHR, which
refers only to the Convention, and its 1st and 6th Protocols.178
Of the three main elements that compose the principle (“idem”, “bis”, and “final
decision”), the latter appears the less problematic in the jurisprudence of the
ECtHR.179 Much more controversial, on the other side, is the case-law concerning
the first two elements.
As far as the interpretation of idem is concerned, the jurisprudence of the Court
in Strasbourg highly varied until 2009.
In Oliveira, the ECtHR linked the notion to the literal wording to “an offense”
contained in Article 4.180 In Franz Fischer, on the other end, the Court did not con-
48, then restated in the renown cases Zolotukhin v Russia, § 53 and A and B v Norway, § 107,
discussed below (although in Knut Haarvig v. Norwey, 11.12.2007, Application no. 11187/05, the
Court had added further requirements, then overcome with Zolotukhin, cf. Allegrezza (2012),
pp. 897–899). See also Bleichrodt (2006), p. 980; see Trechsel (2005), p. 387; Harris et al. (2014),
p. 970; Böse (2017), p. 215 et seq.
176
See also Bleichrodt (2006), p. 980, and case-law there mentioned; Trechsel (2005), p. 385;
Harris et al. (2014), p. 973 and, with regard to Article 14(7) of the International Covenant on Civil
and Political Rights, Vervaele (2013b), p. 213 et seq.
177
Cf. http://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/117/signatures?p_
auth=MdUPhQMD. Accessed 18 July 2018.
178
Cf. Fifth Negotiation Meeting Between the CDDH Ad Hoc Negotiation Group and the European
Commission on the Accession of the European Union to the European Convention on Human
Rights, Final Report to the CDDH, Strasbourg, April 5th 2013. https://www.echr.coe.int/
Documents/UE_Report_CDDH_ENG.pdf. Accessed 18 July 2018. Protocols 1 and 6 to the
Convention concern, respectively, the right to peaceful enjoyment of property, the right to educa-
tion, and the right to free elections by secret ballot (ETS No. 009); and the abolition of death
penalty (ETS No. 114).
179
Cf., e.g., Nikitin v Russia, 20.07.2004, Application no. 50178/99, §§ 35–36. Cf. Trechsel (2005),
pp. 389–390, which has repeatedly identified the concept in the moment in which a decision 933
acquires the force of res judicata according to the applicable national law.
180
Cf., e.g., Oliveira v Switzerland, 30.07.1998, Application no. 25711/94, § 26.
sider the legal qualification of the offences, but rather proceeded to a comparison
between the “essential elements” of the offences at stake.181 Lastly, according to a
third interpretation, for instance in the renown Gradinger case, the Court opted for
a more substantive approach, took into account whether the proceedings or the sanc-
tions concerned the “same conduct”.182
All these interpretations were considered by the ECtHR in the 2009 landmark
decision Sergey Zolotukhin v. Russia, where the Grand Chamber, trying to harmo-
nize its approach to the matter, stated that “the use of the word “offence” in the text
of Article 4 of Protocol No. 7 cannot justify adhering to a more restrictive approach”
and reiterated “that the Convention must be interpreted and applied in a manner
which renders its rights practical and effective, not theoretical and illusory”. In this
sense, the Court noted that “the approach which emphasises the legal characterisa-
tion of the two offences is too restrictive on the rights of the individual, for if the
Court limits itself to finding that the person was prosecuted for offences having a
different legal classification it risks undermining the guarantee enshrined in Article
4 of Protocol No. 7 rather than rendering it practical and effective as required by the
Convention”.183
With this perspective, and contrary to the US Supreme Court, in 2009 the ECtHR
hence opted for a wider protection of the principle, ruling that the assessment over
the idem shall not depend on the legal qualification of the offence, nor on a formal
comparison between its “essential elements”, but rather on a fact-based analysis.
Accordingly, potential violations of ne bis in idem are now to be acknowledged also
when different offences are notified to the same subject, as long as they arise from
identical or substantially identical factual circumstances “involving the same defen-
dant and inextricably linked together in time and space, the existence of which must
be demonstrated in order to secure a conviction or institute criminal proceedings”.184
Since 2009, this interpretation has been repeatedly confirmed by the ECtHR, at least
explicitly, although some doubts might emerge with regard to the most recent case-
law on the matter, as will be hereinafter analysed.
Much more controversial, on the other side, appears the jurisprudence of the
Court concerning the notion of bis.
This conclusion is due to both formal and interpretative reasons, mostly linked to
the debate concerning the definition of criminal matter and the legitimacy of the
so-called “double-track” sanctioning systems, that is models providing for the pos-
sibility of investigating and sanctioning the same conduct both at administrative and
criminal level.
181
Franz Fischer, §§ 25–30; see also Sailer v Austria, 6.06.2002, Application no. 38237/97, § 26.
Highlighting the ambiguous jurisprudence of the Court on this criterion, Bleichrodt (2006), p. 982.
182
Gradinger v Austria, 23.10.1995, Application no. 15963/90, § 55. Contra, see Trechsel (2005),
p. 393, according to whom “it is not for the Court in Strasbourg to interfere with the way in which
these matters are dealt with in domestic law”.
183
Zolotukhin v Russia, §§ 70–84, esp. §§ 80–81. On the impact of this decision in the case-law of
the Court, see, among others, Amalfitano (2017), p. 1016; Allegrezza (2012), pp. 900–902.
184
Zolotukhin v Russia, § 84.
First, even among those EU Member States that did ratify Protocol No. 7 to the
Convention, a fair number of countries (such as Austria, France, Italy, and Portugal)
lodged declarations narrowing the scope of the principle only to the criminal matter
as defined by national law.185
The aim of these reservations was clear: Preserve the legality double-track sanc-
tioning systems, excluding from the scope of Article 4 the punitive administrative
matters traced back to the criminal limb by the ECtHR Engel jurisprudence.
Currently, however, the actual validity of these reservations is rather uncertain.
On one side, to guarantee a wide application of the principle of bis in idem, in the
past, and respectively in Gradinger (1995)186 and Grande Stevens (2014),187 the
Court has declared void the Austrian and Italian reservations. These decisions were
based on the violation of the formal parameter required by Article 57(2) ECHR, that
is the duty to provide a brief statement of the law concerned by the reservation when
the latter is lodged.188
On the other side, though, considering each State discretion to “choose comple-
mentary legal responses to socially offensive conduct […] and in particular an
approach involving parallel stages of legal response to the wrongdoing by different
authorities and for different purposes”, the goal pursed by the invalidated reserva-
tions has been considered legitimate by the ECtHR in its 2016 notorious case A and
B v Norway.189 With this decision, the Court entailed a substantive overruling of its
previous jurisprudence regarding (at least) the very identification of bis in the crimi-
nal matter.
In Zolotukhin (2009), the Court had clearly applied the Engel criteria to identify
the existence of multiple substantially criminal proceedings, even if classified as
administrative at national level.190 From this consideration, the ECtHR concluded
that, since “Article 4 of Protocol No. 7 contains three distinct guarantees and pro-
vides that no one shall be (i) liable to be tried, (ii) tried or (iii) punished” multiple
times for the same fact, the case in which s ubstantially criminal proceedings are
carried out against the same conduct represents a violation of the double jeopardy
clause.191
This case-law, and the jurisprudence derived from it, notably expanded the scope
of ne bis in idem, and strengthened its dimension as an individual’s fundamental
185
Also Germany, that signed the Protocol, but did not ratify it, lodged nonetheless the same reser-
vation. For a more detailed analysis, see Tomkin (2014), p. 1373 et seq.
186
Cf. Gradinger, § 51; highlighting (before A and B) the restrictive interpretation of the Court with
regard to the definition of bis, see Allegrezza (2012), p. 899.
187
Grande Stevens and others v Italy, 4.03.2014, Application no. 18640/10, §§ 204–212.
188
There are still no cases concerning the German and Portuguese reservation; regarding France,
the declaration was partially acknowledged in Göktan v France, 2.07.2002, Application no.
33402/96, § 51, and not declared invalid—but in that case the reservation was not an argument of
the proceeding, as it was not raised by the Government, so it was not really examined by the Court.
189
Cf. A and B v Norway, 15.11.2016, Applications nos. 24130/11 and 29758/11, §§ 121–134.
190
Zolotukhin v Russia, §§ 52–57.
191
Zolotukhin v Russia, § 110 et seq.
right. It also forced several States to (at least partially) review their internal investi-
gative and sanctioning systems so as to avoid illegitimate duplications not only
within the criminal matter, stricto sensu but also between criminal and punitive
administrative enforcement models.192
In the EU, critical cases under this perspective emerged in different contexts
which touches extremely senstive States’ interests, such as market abuse regulation
(where, the Market Abuse Directive193 requested to establish administrative penal-
ties, but at the same time also allowed to impose criminal sanctions for the same
conducts194), or tax law.195
The controversial decision A and B v. Norway—in which six States intervened as
third-parties to defend their national tax double-track liability systems196—was
taken precisely in this last field.
With a remarkable concession to the national claims of the Norwegian
Government and the other intervening parties, the Court introduced a relevant, not
to say deflagrating exception to the possibility of finding a breach of ne bis in idem
between punitive administrative and criminal proceedings.
192
Cf., for all, Tomkin (2014), pp. 1380–1381; D’Ambrosio (2017), p. 1031 et seq.
193
Cf. Article 14(1), Directive 2003/6/EC of the European Parliament and of the Council of
28.01.2003 on insider dealing and market manipulation (market abuse), now substituted by
Directive 2014/57/UE, cit., which at Recital (23) takes into account (but only in broad and general
terms) the need to comply with the principle of ne bis in idem. On the changes brought by the new
Market Abuse package under this perspective, see D’Ambrosio (2017), p. 1034.
194
In the aforementioned Grande Stevens case, the Court, recognized the substantial criminal
nature of the administrative sanction against market abuse, found (among others) a violation of the
principle of ne bis in idem for the carrying out of a criminal proceeding for the same conduct after
the first had already been imposed by Consob. On this very sensitive issue for the Italian legal
system see, among others, Flick (2014a, b); Flick and Napoleoni (2015); Viganò (2016a); Labianca
(2017), p. 115 et seq.; Zagrebelsky (2014), p. 1196 et seq.; D’Ambrosio (2017), p. 1033. In the
aftermath of Grande Stevens, two questions of constitutionality have been raised before the Italian
Constitutional Court, again with regard to market abuse and ne bis in idem, which were however
declared inadmissible with decision of 12.05.2016, no. 102 (cf., e.g., Viganò 2016a; Dova 2015).
Whether this situation continues to be critical in light of Article 4, Protocol no. 7 ECHR appears
nowadays downsized against the “overruling” of the ECtHR on the matter of ne bis in idem carried
out by the notorious 2016 decision A and B v Norway (cf. C. Cost., decision of 2.03.2018, no. 43
on tax matter; Ufficio del Massimario Penale, Relazione di orientamento. Ne bis in idem. Percorsi
interpretativi e recenti approdi della giurisprudenza nazionale ed europea, Rel. n. 26/17, Roma, 21
marzo 2017), partially followed also by the Court of Justice in the aforementioned 2018 decisions
Menci, Garlsson, and Di Puma-Zecca, cf. above Sect. 2.3 (on the definition of criminal matter) and
below Sect. 2.3.3 (on the application of ne bis in idem). A third question of constitutionality, con-
cerning the scope of the right to remain silent in market abuse proceedings, was considered rele-
vant by the Constitutional Court, that asked the CJEU for a preliminary ruling (order no. 117 of
10.05.2019, cf. Ruggeri (2019)).
195
For the impact of this case-law to banking supervision, see below Sect. 6.3.7.
196
Although relevant in the specific case, this is a rather recurring event in the case-law of the
ECtHR. In A and B, third-party comments were received from Bulgaria, Czech Republic, Greece,
France, the Republic of Moldova and Switzerland.
According to the new interpretation, in fact, multiple proceedings concerning the

same conduct(s) shall not be held in violation of Article 4, Protocol 7 ECHR if they
are proved “sufficiently closely connected in substance and in time”.197
To satisfy this parameter—already developed by the ECtHR in previous case-
law, but till then never applied in practice to exclude a violation of the double jeop-
ardy clause198—a State shall prove whether the duality of proceedings (i) pursues in
concreto complementary purposes; (ii) is a foreseeable consequence, both in law
and in practice, of the same impugned conduct; (iii) presents “adequate interaction
between the various competent authorities” to “avoid as far as possible any duplica-
tion in the collection as well as the assessment of the evidence”; and (iv) “above all,
whether the sanction imposed in the proceedings which become final first is taken
into account in those which become final last”.199
With this decision, thus, the Court clearly surrendered to the claims of those
Member States which demanded full discretion in shaping national enforcement
systems, that include double-track mechanisms applying both administrative (puni-
tive) and criminal sanctions.
Actually, A and B risked overruling the previous Zolotukhin-oriented jurispru-
dence to an even greater extent. In its defence, in fact, the Norwegian Government
asked the Court to establish different interpretations of matière pénale for Article 4,
Protocol No. 7 and for Article 6 ECHR. Specifically, the Government requested to
narrow it—in the first case—only to criminal proceedings stricto sensu, hence not
only excluding the possibility to identify a violation of ne bis in idem, in that spe-
cific case, but also the application of the Engel criteria to the double jeopardy clause
as such.
Under this profile, however, the Court confirmed its previous case-law, finding
“more appropriate, for the consistency of interpretation of the Convention taken as
a whole” that also the principle of ne bis in idem shall be “governed by the same,
more precise criteria as in Engel”.200
That said, with A and B the ECtHR exposed itself to sharp criticism, starting
from the strong suspicious that, even if somehow delineated by the Court, the crite-
rion of the “sufficient connection in time” is, and remains “arbitrary”.201
A practical example of the (at least) vagueness of its bequest has been provided
in the 2017 decision Jóhannesson and others v Iceland. In this case, again concern-
ing a double-track system in tax matter, it was undisputed that the administrative
surcharges applied presented substantive criminal nature, and that the sanctioned
facts at administrative and afterwards at criminal level, were identical.202
197
A and B v Norway, § 130. Cf. Viganò (2016b) and Simonato (2017).
198
Cf., e.g., Nilsson v. Sweden, 13.12.2005, Application no. 73661/01; Boman v. Finland,
17.02.2015, Application no. 41604/11, § 41; Nykänen v. Finland, 20.05.2014, Application no.
11828/11; Lucky Dev v. Sweden, 27.11.2014, Application no. 7356/2010.
199
A and B v Norway, § 132.
200
Cf. A and B v Norway, § 107; for the Government’s position, see § 67.
201
A and B v Norway, Dissenting Opinion of Judge Pinto De Albuquerque, § 46.
202
Jóhannesson and others v Iceland, 18.05.2017, Application no. 22007/11. See Viganò (2017)
and Simonato (2017).
Following the criterion of the “sufficient close connection”, the Court acknowl-
edged the existence of a violation of the principle of ne bis in idem fundamentally
due to the fact that the administrative and criminal proceedings had been carried out
in parallel only for a limited amount of time (about 1 year out of a 9-year overall
length of the proceedings), contrary to A and B, where the period of time shared
between the proceedings was a bit longer (about 2 years out of a total of about
5-year length).203 The lack of substantial connection in time was also at the basis of
the 2019 Nodet decision, where the Court recognized a violation of ne bis in idem
in a case in which proceedings had been carried out simultaneously for about 2 years
and a half out of a total of about 7 years and half.
In this decision, actually, the ECtHR took the chance to reaffirm the relevance
this parameter, explicitly stating that even where the material link is sufficiently
solid, the condition of the temporal connection remains and must be satisfied.204
Determining for how long should the proceedings be “parallel” in order to avoid
a violation of Article 4, Protocol No. 7 ECHR though, appears a rather arbitrary
calculation indeed.
First, it is not clear which are the concrete criteria used by the Court to quantify
the length as “sufficient” (half of the total length? One third?…). Second, the choice
itself of making the application of bis in idem depending on the length of the
proceedings does not look particularly justified, as the latter may vary rather signifi-
cantly between administrative and criminal proceedings, and from State to State (or
even at internal level) without that being strictly related to the exigency of achieving
different levels of protection for individuals.
The parameter concerning the complementarity of purposes of parallel proceed-
ings seems rather problematic too. According to the Court in the aforementioned
Nodet (2019) decision, such integration shall be analysed not only in abstracto, but
also in practice. In that case, in particular, the ECtHR recognized a violation of ne
bis in idem (also) due to the fact that the two parallel proceedings tended to punish
the same facts and to protect the same social interests. Their aim, therefore, was not
complementary, but coincident.205
In this sense it could be argued that the overruling of A and B has some repercus-
sion (although not officially) also to the notion of idem. The legal interests protected
by the norm, indeed, was one of the parameters excluded by the Court in Zolotukhin
where idem was defined only on the basis of the same factual conducts. Suggesting
that two parallel proceedings violate the ne bis in idem because they aim at protect-
ing the same legal good, however, seems to open the door also to the opposite con-
clusion, that is: two parallel proceedings (net of all the other conditions of the A and
203
Dissenting Opinion of Judge Pinto De Albuquerque, § 54.
204
Cf. Nodet v France, Application no. 4732/14, 6.06.2019, §§ 51–53, on which see Scoletta
(2019).
205
Cf. Nodet v France, § 48. It shall be noticed, however, that in that case the evaluation on the
substantial identity of purposes had been already made at the national level, by the French Conseil
constitutionnel. The assessment of the ECtHR on this profile, therefore, essentially follows the
finding at domestic level.
B test) that aim at protecting different legal interests prosecuting the same facts
could in principle be considered in compliance with the double jeopardy clause.
Excluded from the official definition of idem, therefore, diverging legal interests
seem to find a new life through the back door of the “complementarity” condition,
further reducing the safeguarding scope of the ne bis in idem protection in both its
essential elements.
Moreover, the inherent approximation of this new test causes its application to be
scarcely predictable by citizens, and national legislators, which need instead clear
indications concerning the legitimacy or illegitimacy of double-track domestic sys-
tems. In light of the above, it is currently uncertain whether, according to the prin-
ciple established by Article 4, Protocol No. 7, double-track systems are always
acceptable, and above all, if so, under which conditions.
In addition, as authoritatively suggested, the overruling of the Court appears to
be driven by a change in the very interest protected by the principle of ne bis in
idem, which traditionally have been identified both in the protection of the
individual(s), and in the exigency of legal certainty.206
With its more recent jurisprudence, the Court seems to have drastically moved
towards the latter meaning, making of this principle no more an “expression of a
subjective right of the defendant, but a mere rule to guarantee the authority of the
chose jugée, with the sole purpose of ensuring the punitive interest of the State and
the impugnability of State adjudicatory decisions […] Ne bis in idem loses its pro
persona character, subverted by the Court’s strict pro auctoritate stance. It is no
longer an individual guarantee, but a tool to avoid the defendants’ “manipulation
and impunity””207 or, as highlighted by legal scholars, a tool to improperly remedy
to the excessive length of the judicial proceeding which “survives” to the first one.208
In this sense, Judge Pinto De Albuquerque drastically concluded in his dissenting
opinion that “after turning the rationale of the ne bis in idem principle upside down,
the present judgment opens the door to an unprecedented, Leviathan-like punitive
policy based on multiple State-pursued proceedings, strategically connected and put
in place in order to achieve the maximum possible repressive effect”.209
Against this background, to date the ECHR does not seem able to ensure an
effective protection to the principle of ne bis in idem, neither at domestic, nor (indi-
rectly) at transnational level.
Since late 2016, indeed, the ECtHR de facto promotes an interpretation of the
double jeopardy clause characterized by uncertainty of application; limited guaran-
tees for individuals subject to multiple proceedings; and incentives to use the less
procedurally guaranteed but usually faster administrative enforcement models.
206
Cf., e.g., Trechsel (2005), p. 383; Koering-Joulin (1995), p. 1093; Amalfitano (2017), p. 1016.
207
A and B v Norway, Dissenting Opinion of Judge Pinto De Albuquerque, cit., §§ 49 and 79.
208
Cf. Viganò (2017), p. 394.
209
Idem, §§ 49 and 79. Cf. also Trechsel (2005), p. 383, according to whom the individual right
notion of the ne bis in idem is the “only one likely to have any relevance under the Convention”;
contra Caprioli (2010), p. 1183.
For the purposes of this work, especially worrying appears the sub-criterion to
the A and B test concerning “adequate interaction between the various competent
authorities” to “avoid as far as possible any duplication in the collection as well as
the assessment of the evidence”. This parameter seems actually to push for collect-
ing evidence either only in the criminal or in the administrative proceeding. The
“independent collection and assessment of evidence” and in particular the fact that
“the applicant’s conduct and his liability under the different provisions of tax and
criminal law were […] examined by different authorities and courts in proceedings
that were largely independent of each other” was indeed recently found by the Court
a reason to recognize a ne bis in idem violation in Bjarni Armannsson (2019).210
Similar conclusion was reached also in the aforementioned Nodet case (also
2019), where the Court drew negative conclusions from the circumstance that “Il y
a donc eu à tout le moins répétition dans le recueil des éléments de preuve”.211
It seems therefore that this parameter is acquiring an increasing relevance in the
assessment of the Court within the A and B test.
Taking into account that generally criminal investigations last longer than admin-
istrative ones, this criterion seems to favour the option in which information is first
gathered within administrative proceedings, and is then transferred to be used as
evidence in criminal trial. This sub-criterion however does not appear to consider
the complexity of the mechanisms regulating the interaction between administrative
and judicial authorities, and especially that substantially different safeguards apply
to administrative and criminal investigations, above all with regard to the guarantees
recognized to the subject(s) under investigations (such as the right to remain silent,
and the presumption of innocence).
This “automatism” in the transfer of information, already very criticized within
mutual recognition systems such as the European Arrest Warrant212 and the European
Investigation Order,213 and apparently in contrast with the last jurisprudence of the
Court of Justice on the matter of evidence sharing,214 puts indeed at stake the
210
Cf. Bjarni Armannsson v Iceland, 16.04.2019, Application no.72098/14, §§ 55–57.
211
Nodet v France, § 49.
212
Cf. Council Framework Decisions 2002/584/JHA of 13.06.2002 on the European arrest warrant
and the surrender procedures between Member States. For a critical analysis on this issue see,
among others, Panzavolta (2009), p. 179; Bulnes (2008), p. 289; Marletta (2013), p. 47 et seq.;
JUSTICE, European Arrest Warrant. Ensuring an Effective Defence, 2012, p. 22.
https://2bquk8cdew6192tsu41lay8T-wpengine.netdna-ssl.com/wp-content/uploads/2015/01/
JUSTICE-European-ArresT-Warrants.pdf. Accessed 18 July 2018; Fair Trials International, The
European Arrest Warrant seven years on-the case for reform, May 2011. https://www.fairtrials.org/
documents/FTI_Report_EAW_May_2011.pdf. Accessed 18 July 2018.
213
See, among other, Klip (2016), p. 420 et seq.; Caianiello and Di Pietro (2016); Mangiaracina
(2014), p. 116 et seq.
214
WebMindLicenses, Case C-419/14. The theme is analysed, with regard to the banking investiga-
tions involving the Single Supervisory Mechanism, in Sect. 6.1.3. For the privilege against self-
incrimination and the presumption of innocence, see Sect. 6.3.5.
e ndurance of the rights provided for by Article 6 ECHR, and leaves the defendant in
a potentially highly detrimental position.215
2.3.3 Enforcing the Principle of Ne Bis In Idem in the EU
At the Union level, the prohibition of bis in idem is established in the Charter of
Fundamental Rights of the European Union (CFREU), and in the Convention
Implementing the Schengen Agreement (CISA),216 as well as indirectly recognized
in secondary legislation.217
Similarly to the ECHR, this principle in the EU legal sources covers both multi-
ple prosecutions and sanctions. Differently from the Conventional framework, it
applies at domestic as well as at the transnational level, to Union institutions, bod-
ies, offices and agencies, and to Member States to the extent the latter are imple-
menting EU law (parameter related to the critical definition of the scope of the
Charter under Article 51 CFREU as discussed below218).
According to Article 54 CISA, “A person whose trial has been finally disposed
of in one Contracting Party may not be prosecuted in another Contracting Party for
the same acts provided that, if a penalty has been imposed, it has been enforced, is
actually in the process of being enforced or can no longer be enforced under the
laws of the sentencing Contracting Party”.
At Article 55(1), the Convention allows Member States to lodge reservations
narrowing down the scope of the previous provision if a State reckons that (a) the
facts judged abroad took place in whole or in part in its own territory; (b) the facts
215
A and B v Norway, Dissenting Opinion of Judge Pinto De Albuquerque, § 64 “Between the
Charybdis of the risk of contradictory findings in administrative and criminal proceedings owing
to different evidentiary standards (deux poids, deux mesures) and the Scylla of the manipulation of
the administrative evidence for criminal purposes, the defendant is in any event placed in an unfair
position in the Norwegian double-track system”.
216
The Schengen Acquis-Convention implementing the Schengen Agreement of 14 June 1985
between the Governments of the States of the Benelux Economic Union, the Federal Republic of
Germany and the French Republic on the gradual abolition of checks at their common borders,
reproducing the provisions of the 1987 Convention on Double Jeopardy (AT, BE, DK, FR, DE, IT,
EI, NL and PT). On the integration of the CISA into EU law under this perspective, see Tomkin
(2014), p. 1376 et seq.
217
The principle is included as a ground for refusal in Article 4(2) EAW; Article 9(1)(c) Council
Framework Decision 2008/909/JHA of 27.11.2008 on the application of the principle of mutual
recognition to judgments in criminal matters imposing custodial sentences or measures involving
deprivation of liberty for the purpose of their enforcement in the European Union; Article 11(1)(d)
of the EIO Directive. Ne bis in idem is also mentioned in several EU secondary legislation (e.g.
2014 Market Abuse Directive), and recognized by multiple national Constitutional or legislative
provisions; the panorama however is so diverse among Member States that its analysis could rep-
resent the subject of a separate analysis, which necessarily falls out of the scope of this work. Cf.
Vervaele (2005), Galantini (2011).
218
Cf. Tomkin (2014), p. 1375, and p. 1390; Klip (2016), p. 285 et seq.
judged abroad constitute an offence against its national security or other equally
essential interests; (c) the acts to which the foreign judgment relates were commit-
ted by its officials in violation of the duties of their office.219 Lastly, according to
Article 56 CISA, also in case a further prosecution is brought against a person
whose trial, in respect of the same acts, has been finally disposed of in another State,
any period of deprivation of liberty or penalty imposed (if allowed by the applicable
national law) served in the latter shall be deducted from any penalty imposed.
The derogations of Article 55 CISA have been exercised by some EU Member
States, such as Germany,220 and Austria.221 The validity of such reservations, how-
ever, which may substantially restrict the scope of the ne bis in idem protection, is
rather controversial and represents a long-debated issue at the Union level. In par-
ticular, it remains uncertain whether—as supported by influential scholars222—they
should be implicitly deemed abolished by the integration of the CISA into the
Treaties of the European Union.223
The issue is relevant also considering that the conditions included in Article 55
CISA, and in particular the territorial condition sub (a) are also included in some EU
secondary legislation as grounds for refusal to cooperation requests or orders.224
Considering invalid the reservations lodged under Article 55 CISA would then also
logically imply the invalidity of those conditions too, even if this result could legally
be achieved only with specific rulings of the Court of Justice.225
219
Cf. Article 55 CISA, “1. A Contracting Party may, when ratifying, accepting or approving this
Convention, declare that it is not bound by Article 54 in one or more of the following cases:
(a) where the acts to which the foreign judgment relates took place in whole or in part in its own
territory; in the latter case, however, this exception shall not apply if the acts took place in part in
the territory of the Contracting Party where the judgment was delivered; (b) where the acts to
which the foreign judgment relates constitute an offence against national security or other equally
essential interests of that Contracting Party; (c) where the acts to which the foreign judgment
relates were committed by officials of that Contracting Party in violation of the duties of their
office. 2. A Contracting Party which has made a declaration regarding the exception referred to in
paragraph 1(b) shall specify the categories of offences to which this exception may apply. 3. A
Contracting Party may at any time withdraw a declaration relating to one or more of the exceptions
referred to in paragraph 1. 4. The exceptions which were the subject of a declaration under para-
graph 1 shall not apply where the Contracting Party concerned has, in connection with the same
acts, requested the other Contracting Party to bring the prosecution or has granted extradition of
the person concerned”.
220
BGBl. 1994 II, p. 631.
221
BGBl. III of 27.05.1997, p. 2048.
222
Cf., e.g., Vervaele (2013b), p. 228 (according to whom the reservations are incompatible with
the mutual trust that should be existing among Member States); Weyembergh (2013), p. 556
(according to whom maintaining the reservations in force would create an asymmetric context, as
not all the Member States did lodged declarations); see also Jagla (2007), p. 93 et seq. On a more
neutral and open position, Amalfitano (2012), p. 1620 et seq.
223
Currently indicated in Protocol 19 TFEU.
224
Cf. Article 4(7) EAW Council Framework Decisions; Article 11(1)(e) EIO Directive; Article
9(2) Council Framework Decision 2008/909/JHA.
225
Cf. Amalfitano (2017), p. 1027.
So far, however, the answer to this question remains open, as no official position
has been expressed on the matter yet,226 although the problem was touched in
2015 in Kossowski.
In that case, Advocate General Bot argued that such reservations had today
become obsolete, since “permitting a Member State to block the operation of the ne
bis in idem principle in different circumstances would make it an empty principle,
and would cast doubt over the system which forms the basis of the area of freedom,
security and justice”.227
There are two main arguments supporting the Advocate General’s conclusion.
First, neither when the Treaty of Amsterdam ruled for the incorporation of the
Schengen Agreement into EU law,228 nor in the subsequent 1999 Council Decision
determining the legal basis for each of the provisions or decisions which constitute
226
The issue was also raised in Criminal proceedings against Vladimir Turanský, Case C-491/07,
22.12.2008, ECLI:EU:C:2008:768, § 29, where the Austrian reservation seems implicitly to had
been taken into account by the Court, although just to exclude its applicability.
227
The Court of Justice, however, did not explicitly deal with this issue in its following decision, cf.
Criminal proceedings against Piotr Kossowski, case C-486/14, Opinion of Advocate General Bot,
delivered on 15.12.2015, §§ 46 to 68, according to which “the reservation did not become obsolete
simply because of the integration of the Schengen acquis into EU law, nevertheless it cannot work
against it […] It is beyond doubt that the effect of the reservation provided for by Article 55(1)(a)
of the CISA is to deprive the ne bis in idem principle of its content. Having regard to the consider-
ations referred to above in relation to the link between this principle and that of mutual recognition
and to the fundamental importance of the latter principle for the construction of the area of free-
dom, security and justice, this consideration alone is sufficient to conclude that the reservation
should be declared invalid. An exception could only be made to this conclusion if it were justified
by the need to give the reservation useful effect in favour of a superior interest which would not
hinder the development of the area of freedom, security and justice. Accordingly, I shall consider,
from this perspective and on the basis of the German Government’s argument, the possibility that
the reservation may be useful or necessary […] It seems to me to follow from the foregoing that
there is in fact no longer any necessity for the reservation provided for by Article 55(1)(a) of the
CISA, either in the present case or any other. Since the Court’s case-law and the Charter make it
possible to ensure that regard is had to differences of substance between offences, permitting a
Member State to block the operation of the ne bis in idem principle in different circumstances
would make it an empty principle, and would cast doubt over the system which forms the basis of
the area of freedom, security and justice. Having regard to all the foregoing considerations, I am of
the opinion that the reservation provided for by Article 55(1)(a) of the CISA does not respect the
essence of the ne bis in idem principle as expressed in Article 50 of the Charter, and must therefore
be declared invalid”, cf. also Marletta (2017), pp. 108–115.
228
Cf. Article 2(1) Protocol No. 2, Treaty of Amsterdam amending the Treaty on European Union,
the Treaties establishing the European Communities and certain related acts–Final Act, OJ C 340,
10.11.1997, p. 115: “From the date of entry into force of the Treaty of Amsterdam, the Schengen
acquis, including the decisions of the Executive Committee established by the Schengen agree-
ments which have been adopted before this date, shall immediately apply to the thirteen Member
States referred to in Article 1, without prejudice to the provisions of paragraph 2 of this Article.
From the same date, the Council will substitute itself for the said Executive Committee.
The Council, acting by the unanimity of its Members referred to in Article 1, shall take any
measure necessary for the implementation of this paragraph. The Council, acting unanimously,
shall determine, in conformity with the relevant provisions of the Treaties, the legal basis for each
of the provisions or decisions which constitute the Schengen acquis […]”.
the Schengen acquis,229 any reference was made to the declarations issued by
Member States under Article 55. Under a formalistic perspective, therefore, it could
be concluded that only what explicitly included into EU law could now be success-
fully opposed among Member States at the transnational level.
Second, the CISA is not the only source providing for a double jeopardy clause
in the EU legal framework, as the principle is also established by Article 50
CFREU. According to the latter “No one shall be liable to be tried or punished again
in criminal proceedings for an offence for which he or she has already been finally
acquitted or convicted within the Union in accordance with the law”.
The wording of Article 50, thus, does not make any reference to the possibility
of lodging reservations to its scope of application as possible under Article 55.
Actually, it also appears to contradict Article 54 CISA.
The latter, in fact, can be invoked exclusively if a sanction has been imposed,
executed, is being enforced, or if that has become impossible according to the law
of the executing State.230 These restrictions, at first sight, appear to run counter the
text of Article 50 CFREU, which provides for an extended protection of ne bis in
idem, that apparently does not take into account such limitations.231
The contrast could be solved considering the status of the two legal sources at
stake. Indeed, as renown, after the entry into force of the Lisbon Treaty, the status of
the Charter has been directly equalized to that of the Treaties by Article 6(1) TEU;
on the contrary, the link between EU primary law and the Schengen acquis is repre-
sented only by a secondary piece of legislation, the already mentioned 1999 Council
Decision. Therefore, according to the hierarchy of sources, the wider provision of
Article 50 CRFEU shall take precedence over Article 54 CISA. This does not auto-
matically imply, however, that the conditions established by Articles 54 and 55
CISA shall be considered invalid under EU law.
The issue has been faced, with exclusive regard to Article 54, by the Court of
Justice in the notorious Spasic case, concerning a Serbian national, prosecuted for
the same organized fraud both in Germany and in Italy, where he executed the pen-
alty paying the fine he had been convicted to.232
In the decision, the CJEU took into account the Explanatory Report of Article 50,
which includes Articles 54-58 CISA as criteria for interpreting the Charter.233
229
Council Decision 1999/435/EC of 20.05.1999 concerning the definition of the Schengen acquis
for the purpose of determining, in conformity with the relevant provisions of the Treaty establish-
ing the European Community and the Treaty on European Union, the legal basis for each of the
provisions or decisions which constitute the acquis, which identified the legal basis for Articles
54–58 CISA in Articles 31 and 34 Treaty of the EU, now repealed by Articles 82, 82 and 85 TFEU.
230
According to the case-law of the CJEU, also the suspension of the execution of the penalty is
equalized to the execution itself, cf. Criminal proceedings against Jürgen Kretzinger, Case
C-288/05, 18.07.2007, ECLI:EU:C:2007:441, §§ 44 and 52.
231
Cf. Amalfitano (2017), pp. 1023–1024.
232
Judgment in Criminal proceedings against Zoran Spasic, C-129/14 PPU, 27.05.2014,
EU:C:2014:586; cf., e.g., Vervaele (2015); Recchia (2015); Wasmeier (2014), pp. 534–555.
233
Even if in Criminal proceedings against M., C-398/12, 6.02.2014, ECLI:EU:C:2014:65, the
Court affirmed rather the opposite approach, that is “since the right not to be tried or punished
Specifically, the Court agreed with the Report, and considered that the conditions
set by Article 54 CISA may fall under the exceptions established by Article 52(1)
CFREU, according to which limitations to the rights contained in the Charter are
legitimate as long as they (i) are provided for by law; (ii) respect the essence of
those rights and freedoms; (iii) are necessary and (iv) genuinely meet the objectives
of general interest recognized by the Union or the need to protect the rights and
freedoms of others, in light of the proportionality principle.234 Against this back-
ground, the Court hence concluded that the limitations established in Article 54
CISA could be hold valid also under Article 50 CFREU.235
If the position of Article 54 is then clear(er) at least for the time being, uncertain-
ties remain regarding the reservations grounded on Article 55 CISA, to which it
does not seem possible to automatically apply the argument developed in Spasic.
Indeed, while also this provision is listed among those recalled by the Explanatory
Report, the compliance of the broad derogatory clauses contained in Article 55(1)
sub b) and c) CISA (national security or other equally essential interests, and acts
committed by officials in violation of the duties of their office) with the proportion-
ality requirements provided for by Article 52(1) CFREU (especially sub ii), iii) and
iv) appears more critical to be affirmed in abstract and generalized terms. It appears
more likely, then, that an intervention of the CJEU will be required to solve the issue
on a case-by-case basis.236
Coming to the definition of the two main elements of the double jeopardy clause
under EU law (bis and idem237), the CJEU decided, following the wording of Article
twice in criminal proceedings for the same criminal offence is also set out in Article 50 of the
Charter, Article 54 of the CISA must be interpreted in the light of that provision”. Cf. also Draft
Charter of Fundamental Rights of the European Union. Text of the explanations relating to the
complete text of the Charter as set out in CHARTE 4487/00 CONVENT 50, Brussels, 11.10.2000,
sub Article 50, p. 45. http://www.europarl.europa.eu/charter/pdf/04473_en.pdf. Accessed 18 July
2018, according to which “In accordance with Article 50, the “non bis in idem” principle applies
not only within the jurisdiction of one State but also between the jurisdictions of several Member
States. That corresponds to the acquis in Union law; see Articles 54 to 58 of the Schengen
Convention, Article 7 of the Convention on the Protection of the European Communities’ Financial
Interests and Article 10 of the Convention on the fight against corruption. The very limited excep-
tions in those Conventions permitting the Member States to derogate from the “non bis in idem”
principle are covered by the horizontal clause in Article 52(1) of the Charter concerning limita-
tions. As regards the situations referred to by Article 4 of Protocol No 7, namely the application of
the principle within the same Member State, the guaranteed right has the same meaning and the
same scope as the corresponding right in the ECHR”.
234
Spasic, §§ 55–64.
235
Idem, §§ 59. Briefly recollecting the arguments of the Court, also Amalfitano (2017), p. 1024.
236
Cf. Amalfitano (2012), p. 1620 et seq. In any case, even if the limitations contained in Article 55
CISA could be recognized under Article 50 CFREU, the safeguard clause established by Article 56
CISA would still apply, see e.g. Amalfitano (2017), p. 1027; Id. (2002), p. 937.
237
Given the substantial identity between the ECtHR and the CJEU interpretation of what is a
“final” decision, as long as the decision considered the merit of the case, cf., e.g., Criminal pro-
ceedings against Hüseyin Gözütok (C-187/01) and Klaus Brügge (C-385/01), 11.02.2003,
ECLI:EU:C:2003:87, §§ 25–31; Turanský, Case C-491/07, cit., §§ 35–36; Criminal proceedings
against Filomeno Mario Miraglia, Case C-469/03, 10.03.2005, ECLI:EU:C:2005:156, § 35;
54 CISA that refers to “the same act” and since its 2006 case Van Esbroeck to adopt
a factual approach to the definition of idem, looking at the “nature of the acts in
dispute” rather than to their legal classification.238
Appropriately, the Court considered that, as “there is no harmonisation of
national criminal laws, a criterion based on the legal classification of the acts or on
the protected legal interest might create as many barriers to freedom of movement
[…] In those circumstances, the only relevant criterion for the application of Article
54 of the CISA is identity of the material acts, understood in the sense of the exis-
tence of a set of concrete circumstances which are inextricably linked together”.239
This approach, already applied by the Inter-American Court of Human Rights,240
was maintained by the CJEU also after the entry into force of the Lisbon Treaty,
regardless from the fact that the wordings of Article 50 CFREU, and of secondary
legislation in the matter of transnational cooperation, such as the EAW, do not refer
to “facts”, but to “offences”.241
As repeatedly recalled by the Court, also in its 2018 decision Menci and Garlsson
Real Estate SA (as well as, in the background, in Di Puma-Zecca), “the relevant
criterion for the purposes of assessing the existence of the same offence is identity
of the material facts, understood as the existence of a set of concrete circumstances
which are inextricably linked together which resulted in the final acquittal or con-
viction of the person concerned”.242 Again, the CJEU justifies its jurisprudence with
the need to confer an harmonized scope to the protection from bis in idem, which
would otherwise vary from one Member State to another, if left to the legal classifi-
cation of facts and legal interests established under national law.243
Against this background, the Court for instance recognized as idem, both in the
field of VAT fraud and market manipulation, criminal and administrative punitive
Criminal proceedings against Giuseppe Francesco Gasparini and Others, Case C-467/04, 28
September 2006, ECLI:EU:C:2006:610, §§ 22–33; Klaus Bourquain, Case C-297/07, 11.12.2008,
ECLI:EU:C:2008:708, §§ 34–37. On this issue see, for all, Amalfitano (2017), pp. 1021–1022;
D’Ambrosio (2017), p. 1041; Tomkin (2014), p. 1391 et seq.
238
Cf. Vervaele (2014), p. 190; Amalfitano (2017), p. 1019; Rafaraci (2009), p. 93 et seq.; Neagu
(2012), p. 955 et seq.; Schomburg (2012), p. 311 et seq.; Tomkin (2014), p. 1398 et seq.
239
Criminal proceedings against Leopold Henri Van Esbroeck, C-436/04, 9.03.2006,
ECLI:EU:C:2006:165, §§27, 35 and 36; Gasparini, Case C-467/04, cit., §§ 53–56; Van Straaten,
cit., §§ 40–53; Kretzinger, cit., §§ 28–36; Criminal proceedings against Norma Kraaijenbrink,
C-367/05, 18.07.2007, ECLI:EU:C:2007:444, §§ 23–29. With regard to the EAW, see Gaetano
Mantello, Case C-261/09, 16.11.2010, ECLI:EU:C:2010:683, §§ 32–51.
240
Loayza-Tamayo v. Peru, 17.09.1997, Series C No. 33, § 66: “This principle is intended to protect
the rights of individuals who have been tried for specific facts from being subjected to a new trial
for the same cause. Unlike the formula used by other international human rights protection instru-
ments (for example, the United Nations International Covenant on Civil and Political Rights,
Article 14(7), which refers to the same ‘crime’), the American Convention uses the expression ‘the
same cause’, which is a much broader term in the victim’s favour”.
241
Cf., e.g., Gaetano Mantello, C-261/09, § 39.
242
Menci, Case C-524/15, § 35; Garlsson Real Estate SA, Case C-537/16, § 37. For a preliminary
analysis, see e.g. Amalfitano (2017), pp. 1029–1030; Simonato (2017); Galluccio (2018).
243
Menci, Case C-524/15, § 36; Garlsson Real Estate SA, Case C-537/16, § 38.
provisions punishing the same conducts, although only in the first ones, it was nec-
essary to prove a subjective element, not required by the administrative penalty.244
Under this profile, the case-law of the Court of Justice seems hence aligned to the
jurisprudence of the ECtHR. That does not mean, however, that the latter is auto-
matically and systematically adopted before the Judges in Luxembourg.
Actually the need for the Court of Justice, and for the EU as such, to develop an
autonomous notion of the rights enshrined in the Charter was raised in Fransson by
Advocate General Cruz Villalón,245 and later by the same CJEU, for instance in the
notorious case Tele2-Watson.246 This thesis had been reaffirmed in the 2018 afore-
mentioned decisions with specific regard to the ne bis in idem.
There, again, the Court explicitly recalled that the ECHR does not constitute “for
as long as the European union has not acceded to it, a legal instrument which has
been formally incorporated into EU law”, (although Article 6(3) TEU recognizes
the fundamental rights of the Convention as “general principles of EU law”), and
regardless of the equivalence clause contained in Article 52(3) CFREU.247
Accordingly, questions concerning the status of fundamental rights in the EU shall
be examined, if not exclusively certainly largely “in the light of the fundamental
rights guaranteed by the Charter”.248
The coincidence between the interpretation of the Court of Justice and that of the
ECtHR concerning the notion of idem shall therefore, at least in the perspective of
the CJEU, be welcomed as a reasonable convergence between European Courts, but
it should not be given for granted. In this sense, it is worth recalling that tradition-
ally, the Court of Justice had recognized a different standard for the definition of
idem applied to competition law, where it applied much restrictive criteria, acknowl-
edging the existence of idem only if there is (i) identity of facts; (ii) unity of the
offender and of (iii) the legal interest protected.249
Theoretically, therefore, the Court could decide to apply this restrictive approach
also to substantive matters other than competition law. This result however could
244
Menci, Case C-524/15, § 38; Garlsson Real Estate SA, Case C-537/16, § 40.
245
Opinion of Advocate General Cruz Villalón, in Case C-617/10, delivered on 12.06.2012, §§
81–87. Highlighting arguments contrary to this reconstruction Böse (2017), p. 220.
246
Joined cases Tele2 Sverige AB (C-203/15) v PosT- och telestyrelsen and Secretary of State for the
Home Department v Tom Watson and Others (C-698/15), 21.12.2016, ECLI:EU:C:2016:970, §
127 and case-law there cited, which will be further analysed with regard to real-time monitoring of
banking data in Sect. 8.2.
247
Garlsson Real Estate SA, Case C-537/16, § 24; Menci, Case C-524/15, § 24.
248
Garlsson Real Estate SA, Case C-537/16, § 26; Menci, Case C-524/15, § 24; Criminal proceed-
ings against Massimo Orsi and Luciano Baldetti, Joined Cases C-217/15 and C-350/15, 5.04.2017,
ECLI:EU:C:2017:264, § 15 and case-law there cited.
249
Cf., among others, Joined cases Aalborg Portland A/S (C-204/00 P), Irish Cement Ltd (C-205/00
P), Ciments français SA (C-211/00 P), Italcementi-Fabbriche Riunite Cemento SpA (C-213/00 P),
Buzzi Unicem SpA (C-217/00 P) and Cementir-Cementerie del Tirreno SpA (C-219/00 P) v
Commission of the European Communities, 7.01.2004, ECLI:EU:C:2004:6, §§ 338–340; Toshiba
Corporation and Others v Úřad pro ochranu hospodářské soutěže, C-17/10, 14.02.2012,
ECLI:EU:C:2012:72, § 97. On the CJEU exceptionalism in competition law cf. also Van Bockel
(2010), p. 170 et seq; Di Federico (2011); Amalfitano (2017), p. 1019; Tomkin (2014), p. 1399.
not only narrow the protection granted to European citizens, but also violate Article
53(2) CFREU, at least until the case-law of the ECtHR will provide for a higher
standard of protection under this profile.250
Critical considerations arising from the “autonomous” approach to the double
jeopardy clause may be drawn also with regard to the CJEU interpretation of bis.251
Indeed, as already mentioned, the Court of Justice has since long embraced the
Engel doctrine in its jurisprudence (especially in Spector, Bonda, and Fransson252).
In Fransson, in particular, the CJEU recognized that the scope of Article 50 CFREU
is defined by a substantive interpretation of matière pénale.
In this sense, while Article 50 CFREU “does not preclude a Member State from
imposing, for the same acts of non-compliance” administrative and criminal penal-
ties, or a combination of the two, if the first “is criminal in nature […] and has
become final that provision precludes criminal proceedings in respect of the same
acts from being brought against the same person”.253
This position, apparently in line with the pre-A and B v Norway case-law of the
Court of Strasbourg, contained however a relevant exception: Already in Fransson,
in fact, the CJEU specified that the exclusion of one punitive line was to be consid-
ered admissible only “as long as the remaining penalties are effective, proportionate
and dissuasive”.254 The protection against ne bis in idem was, therefore, de facto
limited by its compliance with the principle of effectivity, leaving a rather high
margin of discretion to the Member States (especially with regard to double-track
systems).255
This background has been further developed—although with limited room for
improvement in terms of legal certainty—in early 2018, when the CJEU partially
took into account the revirement in the ECtHR jurisprudence with regard to the
interaction between criminal and administrative punitive enforcement models. In
these cases, in fact, also the Court of Justice dismissed the arguments previously
applied by the Court in Strasbourg in Zolotukhin and Grande Stevens, and explicitly
affirmed that double prosecution and/or punishment concerning the same conduct
does not, in itself, represent a violation of the principle of ne bis in idem.
This holds true regardless of the fact that, as recognized by the CJEU in Fransson
and again in Garlsson, the individual right of Article 50 CFREU does not require
any further action on the part of the EU or national authorities for its application, as
250
Along this line, see Amalfitano (2017), p. 1020. These arguments, together with the need to
ensure a uniform approach to the principle at the EU level, brought the Court to (at least implicitly)
revise its case-law in competition law in the recent case Powszechny Zaklad Ubezpieczen na Zycie
S.A., C-617/17, 3.04.2019, ECLI:EU:C:2019:283, § 32.
251
Besides for the applicability of the conditions of Article 54 CISA to the definition of the prin-
ciple established in the Charter, previously discussed.
252
Cf. Spector, Case C-45/08, § 42; Bonda, C-489/10, § 37; Fransson, Case C-617/10, § 34 et seq.
See above, paragraph 3, and, for all, Tomkin (2014), p. 1385; Böse (2017), p. 218 et seq.
253
Fransson, Case C-617/10, § 34.
254
Fransson, Case C-617/10, § 36.
255
See, for all, Tomkin (2014), pp. 1387–1388; 1385; 1391 et seq. and 1405 et seq.
it confers on individuals a right which is directly applicable in concrete specific

disputes (from which it follows the duty of national judges to disapply potential
conflicting national provisions).256
In Menci, Garlsson Real Estate SA, and Di Puma-Zecca, in fact, the Court par-
tially justified the existence of double-track systems on the basis of Article 52(1)
CFREU, according to which, as already mentioned, limitations to the rights of the
Charter must (i) be provided for by law, (ii) respect the essence of that rights, and
(iii) in light of the principle of proportionality be necessary and (iv) meet objectives
of general interests recognized by the EU or the need to protect the rights and free-
doms of others.257
In the 2018 cases, the assessment of criteria (i) and (iv) was not especially criti-
cal, since the existence of legal basis in national legislation was undisputed (and in
any case, relatively easy to assess), as well as it was the conclusion that the protec-
tion of the integrity of financial markets (in Garlsson and Di Puma-Zecca) and the
correct collection of VAT (in Menci) represent general interests of the Union.258
Rather more controversial, not to say thoughtless, for the (residual) value of the
double jeopardy clause in EU law appear instead the considerations made by the
Court with regard to the (ii) criterion, concerning the respect of the essence of the
right at stake.
Under this perspective, in fact, the CJEU seems to deduce from the mere circum-
stance that national legislation allows for a duplication of proceedings and penalties
“only under certain conditions which are exhaustively defined”, the consequence
that “the right guaranteed by Article 50 is not called into question as such” and
therefore it is respected in its essential content.259
Here indeed, the Court appears to oversee the fact that even limitations provided
only upon specific conditions may, as underlined in the dissenting opinion of A and
B v Norway, transform the nature of double jeopardy clause from an individual
fundamental right to a mere organizational rule. And this mutation does seem to
violate the essence of the original scope of Article 50 CFREU.260
The CJEU seems also to follow the recent approach of the Court in Strasbourg in
its assessment of the (iii) criterion concerning the “necessity” requirement.
According to the proportionality principle, in fact, limitations to the rights of the
Charter, and in the specific case, duplication of proceedings and penalties for the
same conduct, shall at least not “exceed what is appropriate and necessary in order
256
Garlsson Real Estate SA, Case C-537/16, §§ 64–68 and case-law there mentioned; Fransson,
Case C-617/10, § 45.
257
Garlsson Real Estate SA, Case C-537/16, §§ 42–43; Menci, Case C-524/15, §§ 41–42; Di
Puma–Zecca, Joined Cases C-596/16 and C-597/16, § 41, as already affirmed in Spasic, Case
C-129/14 PPU, §§ 55–56.
258
Garlsson Real Estate SA, Case C-537/16, §§ 44 and 46; Di Puma-Zecca, Joined Cases C-596/16
and C-597/16, § 42; Menci, Case C-524/15, § 44. On the European interests in VAT collection,
long disputed between EU institutions and Member States, but now included among the PIF crimes
(if particularly serious) see, if you please, Lasagni (2016), p. 341 et seq.
259
260
Cf. above Sect. 2.3.2.
to attain the objectives legitimately pursued by that legislation” meaning that “when
there is a choice between several appropriate measures, recourse must be had to the
least onerous and the disadvantages caused must not be disproportionate to the aims
pursued”.261
In absence of EU law harmonizing which kind of penalties should be applied to
a specific conduct, however, the Court first considered that Member States shall
have the right to provide for double-track systems to pursue “objective, complemen-
tary aims relating, as the case may be, to different aspects of the same unlawful
conduct at issue”.262 In those circumstances, says the CJEU, “the proportionality of
national legislation […] cannot be called into question by the mere fact that the
Member State concerned chose to provide for the possibility of such a duplication,
without which that Member State would be deprived of that freedom of choice”.263
Against this background, the Court interprets the necessity requirement based on
the proportionality principle as imposing upon national legislation: (a) To be fore-
seeable, meaning that it should provide for clear and precise rules allowing indi-
viduals to predict which acts or omissions are liable to be subject to a duplication of
proceedings and penalties, and (b) to ensure that the disadvantages resulting, for the
persons concerned, from such a duplication are limited to what is strictly necessary
to achieve the objective(s) of general interests.
In particular, in order to assess the latter condition, national legislation shall: (b1)
Ensure coordination rules so as to reduce the additional disadvantage caused for the
persons concerned by such a duplication to what is strictly necessary; and (b2)
guarantee that the severity of all the penalties imposed does not exceed the serious-
ness of the offence concerned, i.e. the amount of the second penalty applied should
take into account that of the penalty already imposed.264
In line with the approach inaugurated with Fransson,265 the compliance of
national legislation with all these parameters is not for the CJEU, but for national
judges to assess, balancing, on one side, the seriousness of the offence at stake and,
on the other, the actual disadvantage resulting for the subjects involved.266
Within this constraints, the CJEU positively assessed the existence of “coordina-
tion rules” (sub-criterion b1) both in Garlsson, (between the Italian prosecution
service and Consob),267 and in Menci, where it favourably considered the mecha-
nism according to which the enforcement of administrative punitive penalties had to
261
262
Garlsson Real Estate SA, Case C-537/16, §§ 46–47; Menci, Case C-524/15, §§ 44–46.
263
264
Garlsson Real Estate SA, Case C-537/16, §§ 51–63; Menci, Case C-524/15, §§ 49–64.
265
See above, Sect. 2.3.
266
Menci, Case C-524/15, § 59.
267
As provided for in Article 187i of Legislative Decree No 58 of 24 February 1998, consolidating
all provisions in the field of financial intermediation (the so-called TUF); cf. Garlsson Real Estate
SA, Case C-537/16, § 57.
be suspended during criminal proceedings against the same VAT fraudolent con-
duct, and even definitely prevented if the latter had terminated with a conviction.268
As for the parameter regarding the proportionality of the overall penalty (sub-
condition b2), in Menci the Court positively pointed out that criminal penalties were
to be limited to particularly serious offences (unpaid VAT exceeding EUR 50,000),
and that voluntary payment of the tax debt covering also the imposed administrative
penalty constituted a special mitigating factor to be taken into account in criminal
proceedings.269
On the contrary, the CJEU did not consider this condition fulfilled in Garlsson,
where the range of (punitive) administrative and criminal fines applicable for the
same conduct of market manipulation (notably deriving from the national transposi-
tion of Directive 2003/6/EC270) was considered unnecessarily burdensome. This
conclusion was also supported by the fact that safeguards against the excessive
severity of the cumulated penalties in that field found application only among pecu-
niary penalties, but not between punitive administrative fine and imprisonment.271
Similarly, negative considerations were drawn by the Court also in Di Puma-Zecca
(possibly the less controversial of the three 2018 cases), where the possibility to
bring proceedings for an administrative punitive fine following a criminal trial for
the same conduct already terminated with an acquittal was also considered exceed-
ing the necessity required by the principle of proportionality.272
While the conditions concerning the proportionality of the penalty imposed may
seem relatively straightforward in their concrete application, several are the uncer-
tainties created and left unsolved by the Court with this more recent jurisprudence.
First, the circumstances of the cases examined do not answer as to whether the
CJEU would include in the parameter on the “coordination rules” also the need to
concentrate the phase of evidence gathering between administrative and criminal
proceedings. From the general wording drawn by the Court, it is not possible to rule
out this condition, included in the A and B test, nor all the critical issues related to
it as previously analysed273 which risk, to raise also into EU law serious questions
on the effectivity of defence rights for the affected individual(s).
Second, the CJEU, similarly to A and B, and contrary to what previously affirmed
in Zolotukhin or Grande Stevens, has opted for an interpretation that, certainly
meeting the interests of several Member States, does not really allow individuals to
know, in advance, whether their specific situation could be considered a violation of
Article 50 CFREU or a legitimate limitation of the latter.
Indeed, the parameters identified by the Court of Justice, although not including
the “substantial connection in time”—perhaps the most arbitrary condition of the A
268
Menci, Case C-524/15, § 56.
269
Menci, Case C-524/15, §§ 54–56.
270
See above note 195.
271
Garlsson Real Estate SA, Case C-537/16, §§ 58-59-60.
272
Di Puma-Zecca, Joined Cases C-596/16 and C-597/16, §§ 43–44.
273
and B test274—are far from reaching that threshold of clarity and precision that the
same CJEU requires from national legislation to comply with Article 52(1) CFREU.
Both under EU law and at the Conventional level, therefore, it seems that—
besides for self-evident cases—there will not be a foreseeable way for individuals
to actually know whether they are entitled to effectively invoke the principle of ne
bis in idem. The only effective content left to this principle, at least when applied to
the (broad) notion of punitive matter, seems therefore the right for individuals to be
subject to overall proportionate penalties. This jurisprudence appears thus to limit
ne bis in idem only to a part of its substantive notion (proportionality of sanctions),
totally forgetting the needs of protection arising also from the mere double protec-
tion.275 A solution against which, with a hint of provocation, even the limited, but
clearer boundaries of the double jeopardy clause in the US legal framework may
seem preferable.
With this 2018 case-law, hence, the Court did not, as hoped by many and as
explicitly suggested by Advocate General Sánchez-Bordona took the chance to
establish a higher level of protection compared to the ECtHR.276
On the contrary, the CJEU sensibly lowered the content of the principle, anchor-
ing the “quality” of its interpretation to the consideration that it ensures “a level of
protection of the ne bis in idem principle which is not in conflict with that guaran-
teed by Article 4 of Protocol No 7 to the ECHR, as interpreted by the European
Court of Human Rights” in A and B v Norway.277
This case-law does not even has the positive effect of preventing the aforemen-
tioned “first come first served” phenomenon,278 that follows from the application of
strict rules on ne bis in idem in a legal framework which does not include binding
rules for the allocation of jurisdiction (and that perhaps represented the most sensi-
tive criticism that could be lifted against the Zolotukhin doctrine).
In Garlsson, in fact, the CJEU affirmed that bringing of proceedings relating to
an administrative punitive fine that follows a criminal conviction “exceeds what is
strictly necessary in order to achieve the objective [of general interest-sub criterion
(iv)], in so far as that criminal conviction is such as to punish the offence committed
in an effective, proportionate and dissuasive manner” given, for instance, the harm
caused to the company by the offence committed.279
Such argument—theoretically reasonable—appears however especially critical
in its concrete application. Indeed, in the specific case, it was considered “effective”
a final criminal penalty imposed at the end of a negotiated proceeding (initiated
after the first conviction at the administrative level, and terminated before the
274
Cf. Opinion of Advocate General Campos Sánchez-Bordona, delivered on 12.09.2017, in case
Menci (C-524/15), §§ 55–56.
275
Besides for what affirmed by the Advocate General Wahl in C-617/17 delivered on 29.11.2018,
ECLI:EU:C:2018:976, § 22.
276
Id., §§ 60; 74–77; cf. also Galluccio (2018).
277
Menci, Case C-524/15, §§ 60–62 and in particular, § 62.
278
279
Garlsson Real Estate SA, Case C-537/16, § 57.
exhaustion of the appeals against the administrative fine) which was never enforced
since it was extinguished as a result of a pardon. This circumstance was considered
“irrelevant for the purpose of assessing whether national legislation such as that at
issue in the main proceedings is strictly necessary”.280
This argument not only raises again problems of compliance of Article 50
CFREU with Article 54 CISA (as such case could be considered as falling into the
deerogations to ne bis in idem there provided)281 but also clearly shows how a sys-
tem in which guilty plea (even not enforced) is largely applied could de facto pre-
vent the application of any administrative punitive fine: Again a “first come first
served” approach, but without the benefits deriving from having at least clear crite-
ria for the application of the double jeopardy protection.
Similarly to the Conventional framework, therefore, also in the EU the protection
from double jeopardy seems to come out rather dilapidated by the recent develop-
ment of the case-law.
The limits in the recognition of a transnational application to the principle of ne
bis in idem in the EU shall finally also take into account the scope of application of
the Charter itself.
While the rights of the Charter may be invoked by every natural or legal person
whose legal interests have been affected by EU law282, the reference to “EU law” is
far from being unequivocal in this context.283
In fact, according to Article 51(1) CFREU, the Charter is legally binding towards
institutions, bodies, offices and agencies of the Union, and towards Member States
when they “are implementing Union law”.
This last clause was interpreted by the Court as an obligation for Member States
to comply with the Charter when they are acting within the scope of EU law284; in
280
Id., § 62.
281
Unless that in intended at certifying a different notion of the ne bis in idem principle in its
domestic and transnational dimensions.
282
The applicability of the Charter specifically towards legal entities was underlined by the Court
of Justice also in cases concerning banks, such as Bank Saderat Iran v Council, Case T-494/10,
5.02.2013, ECLI:EU:T:2013:59, §§ 33–44.
283
See, for all, Ward (2017), p. 1431 et seq.; see also Safjan (2012), pp. 3–6; Groussot et al. (2011),
pp. 13–14; Tomkin (2014), p. 1385 et seq.
284
Cf. Opinion of Advocate General Kokott, in Case C-489/10, delivered on 15.12.2011, §§ 13–20;
this interpretation had already been expressed in Hubert Wachauf v Bundesamt für Ernährung und
Forstwirtschaft, Case 5/88, 13.07.1989, ECLI:EU:C:1989:321; Elliniki Radiophonia Tiléorassi
(ERT) AE and Panellinia Omospondia Syllogon Prossopikou v Dimotiki Etairia Pliroforissis and
Sotirios Kouvelas and Nicolaos Avdellas and others, Case C-260/89, 18.06.1991,
ECLI:EU:C:1991:254; Daniele Annibaldi v Sindaco del Comune di Guidonia and Presidente
Regione Lazio, Case C-309/96, 18.12.1997, ECLI:EU:C:1997:631. More recently, see Fransson,
cit., § 21 “Since the fundamental rights guaranteed by the Charter must therefore be complied with
where national legislation falls within the scope of European Union law, situations cannot exist
which are covered in that way by European Union law without those fundamental rights being
applicable. The applicability of European Union law entails applicability of the fundamental rights
guaranteed by the Charter”. Affirming instead that the assessment shall be made exclusively in
relation to EU provisions was J. McB v L.E., Case C-400/10 PPU, 5.10.2010, ECLI:EU:C:2010:582,
particular, State authorities are subject to the Charter when they apply domestic law
that has the purpose of enforcing EU provisions (in that including also the case in
which a Member State exercises discretionary powers conferred by EU law285).
The interpretation of this vague clause has long been debated, especially to deter-
mine whether advocating the application of the general principles of the EU law in
a certain field would be a sufficient condition to trigger the protection of the
Charter.286 This argument was recognized as valid by the Court in all fields in which
EU law determines the action of Member States (such as in the EAW, or presum-
ably, the EIO287).
Slightly different is the case where EU law determines only partially the legal
grounds applicable to the case, which was examined by the CJEU in the aforemen-
tioned Fransson decision, where the subject matter was tax law (only in part regu-
lated at the EU level with regard to VAT).288
According to the Court, in such situations, “national authorities and courts
remain free to apply national standards of protection of fundamental rights, pro-
vided that the level of protection provided for by the Charter, as interpreted by the
Court, and the primacy, unity and effectiveness of European Union law are not
thereby compromised”.289 Here too, however, due to the reference to the primacy of
EU law, it has been reasonably argued that national standards may apply instead of
§ 51–53. For a recollection of the criminal law matters falling under the scope of Article 50
CFREU, see Tomkin (2014), pp. 1386–1387.
285
Joined cases N.S. (C-411/10) v Secretary of State for the Home Department and M. E. and
Others (C-493/10) v Refugee Applications Commissioner and Minister for Justice, Equality and
Law Reform, 21.12.2011, ECLI:EU:C:2011:865, § 68; on the point see, for all, Ward (2017),
pp. 1437–1439. Specific limitations to the application of the Charter, and above all to the possibil-
ity of its provisions to be judicially cognizable by the Court of Justice, are in place for UK and PL
(while CZ is on the process to join the Protocol), due to Article 1(1) of Protocol No. 30 TFEU. This
provision however was not considered by the ECJ as justifying and exemption for such States from
the obligation to comply with the Charter, at least with regard to the rights and principles that are
not part of Title IV of the Charter (economic, social and cultural rights), cf. N. S., Joined Cases
C-411/10 and 493/10, § 50.
286
Cf., e.g., Vervaele (2014), p. 192.
287
Concerning the primacy of EU law in these contexts, also when the rights provided for by EU
law provided for a lower standard of protection than that established at national level, see famously
Stefano Melloni v Ministerio Fiscal, Case C-399/11, 26.02.2013, ECLI:EU:C:2013:107.
288
The issue had actually been already examined by the Court in Murat Dereci and others v
Bundesministerium für Inneres, Case C-256/11, 15.11.2011, ECLI:EU:C:2011:734, § 72.
289
Fransson, Case C-617/10, § 29; cf. Sarmiento (2013), pp. 1294–1296; Ward (2017), pp. 1433–
1437. Different criterion was instead adopted in the Opinion of Advocate General Cruz Villalón, in
Case C-617/10, delivered on 12.06.2012, according to which judicial review should be carried out
at national level, while the exceptional cases where the CJEU should be competent shall be based
on a “reference to a specific interest of the Union in ensuring that that exercise of public authority
accords with the interpretation of the fundamental rights by the Union. The mere fact that such an
exercise of public authority has its ultimate origin in Union law is not of itself sufficient for a find-
ing that there is a situation involving the ‘implementation’ of Union law” (§ 40).
the Charter only in cases of “severe breach of constitutionally protected principles

inherent to the EU’s legal order”.290
Moreover, in Robert Pfleger (2014) the CJEU, affirmed that the Charter covers
also situations in which Member States use “exceptions provided for by EU law in
order to justify an obstruction of a fundamental freedom guaranteed by the Treaty”.
These cases too should therefore be regarded as “implementing Union law” within
the meaning of Article 51(1) CFREU.291
Nonetheless, not every connection with EU law is sufficient to trigger the appli-
cation of the Charter.292
Often, in fact, the Court has required the Union to had already exercised its com-
petence on the specific matter, issuing some act of secondary legislation, to be able
to enforce the rights provided for by the Charter.
An example in this sense is provided by the 2016 joined cases Tele2-Watson on
data retention,293 where one of the issues at stake concerned precisely whether the
challenged national legislation could still fall under the scope of EU law even
though the directive from which it was deriving had been annulled by the CJEU294).
Most interestingly, to assess so, in that case the Court concluded for the applicabil-
ity of the Charter to the subject matter tracing the Swedish and British legislation at
stake—originally derived from the annulled directive—back to a different piece of
secondary EU legislation on data retention, the so-called “ePrivacy” directive.295
290
Sarmiento (2013), p. 1295.
291
Robert Pfleger and others, Case C-390/12, 30.04.2014, ECLI:EU:C:2014:281, §§ 30–37, and in
particularly § 36. In that case, the legislation at stake was acting within the area of games of
chance, which is not harmonized at the EU level; nonetheless, the Court considered that “where it
is apparent that national legislation is such as to obstruct the exercise of one or more fundamental
freedoms guaranteed by the Treaty, it may benefit from the exceptions provided for by EU law in
order to justify that fact only in so far as that complies with the fundamental rights enforced by the
Court. That obligation to comply with fundamental rights manifestly comes within the scope of
EU law and, consequently, within that of the Charter”; see also Fransson, Case C-617/10, § 19, and
Lenaertes (2011), p. 88; Ward (2017), pp. 1428–1429.
292
Cf. Cruciano Siragusa v Regione Sicilia, Case C-206/13, 6.03.2014, EU:C:2014:126, §§ 16–36
(concerning environmental restrictions); Sindicato dos Bancários do Norte and Others v BPN,
Order of the Court C-128/12, 7.03.2013, EU:C:2013:149, §§ 8–14 (concerning salary treatment);
Criminal proceedings against Magatte Gueye (C-483/09) and Valentín Salmerón Sánchez (C-1/10),
15.09.2011, ECLI:EU:C:2011:583, § 69 (on the interest of victims), where the Court declared it
was not competent as there was no “implementation of EU law”.
293
Cf. Joined cases Tele2 Sverige AB (C-203/15) and Watson (C-698/15), §§ 65–81, for the impli-
cations of this decision in real-time monitoring of personal (banking) data, cf. also Chap. 8.
294
Cf. Judgment in Digital Rights Ireland Ltd v. Minister for Communications, Marine and Natural
Resources and Others and Kärntner Landesregierung and Others, 8.04.2014, C-293/12,
ECLI:EU:C:2014:238, in which the Court declared invalid Directive 2006/24/EC of 15.03.2006 on
the retention of data generated or processed in connection with the provision of publicly available
electronic communications services or of public communications networks and amending
Directive 2002/58/EC; for the implications of this decision in the context of real-time monitoring
of personal (banking) data, cf. also Chap. 8.
295
Directive 2002/58/EC of 12.07.2002 concerning the processing of personal data and the protec-
tion of privacy in the electronic communications sector.
As it has been highlighted by legal scholars, however, the case-law of the CJEU
on the parameter of Article 51(1) CFREU is likely to further develop and signifi-
cantly increase in the next future. This is true especially with regard to criminal law,
thanks to the many opportunities of triggering a preliminary ruling on the bases of
the package of directives approved to safeguard the defendant and the victim of
criminal proceedings in the aftermath of the Stockholm Programme.296 And indeed
in the last few years, although in a somewhat ambivalent way, the Court has started
to define more clearly its competence with regard to the criminal matter, sometimes
with a narrow approach, such as in the very controversial Milev decision (2018),
sometimes with a more inclusive interpretation, as in Moro (2019).297
Finally, it shall be pointed out that while the case-law of the CJEU and of the
ECtHR recognize the protection from double jeopardy for natural persons, both
Courts are far more cautious when it comes to legal entities. This issue is particu-
larly relevant in financial criminal or administrative investigations, where legal per-
sons, such as banks or financial institutions are quite frequently the target.
Indeed, in the debate about the scope of defence rights and fair trial principles,
only certain prerogatives are unquestionably acknowledged also towards legal enti-
ties, such as the right to legal assistance and to legal aid.298 Emblematic in this sense
is the presumption of innocence, whose application to organizations has been rec-
ognized by the two European Courts (although with strong limitations with regard
to the privilege against self-incrimination before the CJEU),299 but (at least in the
intentions) excluded by the EU legislation with Directive 2016/343.300
In lack of any specific indication on the matter, the extension of the principle of
ne bis in idem also towards legal persons, largely supported by academics,301 seems
to be substained by the European Courts.302 An effective protection against multiple
296
Allegrezza (2017), p. 971. Cf. also Sect. 6.3.5.
297
Cf. Criminal proceedings against Emil Milev, C-439/16 PPU, 27.10.2016, ECLI:EU:C:2016:818;
Criminal proceedings against Gianluca Moro, C-646/17, 13.06.2019, ECLI:EU:C:2019:489.
298
DEB Deutsche Energiehandels– und Beratungsgesellschaft mbH v Bundesrepublik Deutschland,
C-279/09, 22.12.2010, ECLI:EU:C:2010:811.
299
For the Court of Justice see, e.g., Commission of the European Communities v SGL Carbon AG,
Case C-301/04 P, 29.06.2006, ECLI:EU:C:2006:432, § 406; Mannesmannröhren-Werke AG v
Commission of the European Communities, Case T-112/98, 20.02.2001, ECLI:EU:T:2001:61, §§
36–77; Orkem v Commission of the European Communities, Case C-374/87, 18.10.1989,
ECLI:EU:C:1989:387, § 30–31. For the European Court of Human Rights, see, e.g., Synnelius &
Edsbergs Taxi AB v. Sweden, 17.06.2008, Application no. 44298/02, §1; Haralambidis,
Y. Haralambidis-Liberpa S.A. & Liberpa Ltd v. Greece, 23.03.2000, Application no. 36706/97, §
4; Zegwaard & Zegwaard B.V. v. the Netherlands, 9.09.1998, Application no. 26493/95, §§ 34–51.
300
Cf. Recitals (12) to (15), Directive (EU) 2016/343 of the European Parliament and of the
Council of 9.03.2016 on the strengthening of certain aspects of the presumption of innocence and
of the right to be present at the trial in criminal proceedings. For the first general comments on the
Directive see, e.g., Cras and Erbežnik (2016), p. 25 et seq.; Lamberigts (2016a), p. 36 et seq.; Id.
(2016b); Camaldo (2016); Canestrini (2016), p. 2224 et seq.; De Caro (2016).
301
See, among others, De Moor Van Vugt (2012), p. 18 et seq.; Weyembergh (2013), p. 548 et seq.;
Tomkin (2014), p. 1391 et seq.; Amalfitano (2017), p. 1019; D’Ambrosio (2017), pp. 1040–1041.
302
See, e.g. Garlsson Real Estate SA, Case C-537/16.
proceedings may result critical in practice in those countries where only forms of—
officially—administrative liability have been implemented.
Against this background, in the EU recognizing a satisfactory level of protection
from transnational bis in idem to legal persons, like banks, is a goal often far from
being achieved. Even more worryingly the scope of the principle as such in the
areas of criminal and administrative punitive liability results scarcely predictable:
“a veritable Sargasso Sea which could not fail to challenge the most intrepid judicial
navigator”.303
2.3.4 Gathering Information Within Multi-Disciplinary

Cooperation Networks
A last profile related to the interconnection of administrative and criminal matters

plays a fundamental role in today banking investigation: The dissemination of evi-
dence in cooperation networks.
Thanks to the polyvalent relevance, in terms of liability, of certain conducts,
many criminal financial investigations originate from notifications sent to judicial
authority, when reasonable suspicions of crime emerge in administrative
proceedings.
Administrative authorities—generally banking regulators, securities market anti-
trust supervisors, or tax agencies—may gather criminally relevant information
either during their investigations, sharing the elements collected through coopera-
tion agreements with prosecutorial and/or law-enforcement authorities, or thanks to
the obligation imposed on financial institutions to directly report any suspicious
activity to their supervisor(s).
Due to the scale and intrinsic complexity of the financial markets, and of appli-
cable legal frameworks, in multi-level legal orders like the EU and the US, financial
operators are normally overseen by numerous governmental and/or independent
administrative agencies, so that the responsibility to carry out financial criminal
inquiries rarely relies on a single investigating body.
In the US, banking regulatory tasks are shared—just to mention the federal
level—among the Office of the Comptroller of the Currency, the Federal Reserve,
the Federal Deposit Insurance Corporation, the Securities Exchange Commission
and, until 2010, the Office of Thrift Supervision.304 A proliferation of competent
authorities at the central level characterizes the US system also on the side of crimi-
nal inquiries, where investigative powers are commonly shared among federal attor-
neys and several law-enforcement agencies, such as: The Federal Bureau of
Investigation, the Drug Enforcement Administration, the US Marshals Service
(under the Department of Justice); the US Customs and Border Protection, the US
303
Albernaz v. United States, 450 U.S. 333, 343 (1981). For the impact of this case-law, as applied
in the EU legal framework, to banking supervision, see below Sect. 6.3.5–6.3.6.
304
The competence and powers of these authorities in the US are illustrated in Chap. 5.
Immigration and Customs Enforcement, the US Secret Service, and the Homeland
Security Investigations (under the Department of Homeland Security); not to men-
tion the criminal division of the Internal Revenue Service (under the Department of
the Treasury).
In the EU, the situation about criminal prosecution is even more fragmented,
where—also for crimes with a transnational European dimension—competent
authorities are mostly established at national level. Accordingly, the interaction
between criminal and administrative matters usually occurs first at national level
(among prosecutors, investigating judges, law-enforcement, banking supervisors,
and tax and customs agencies of each single Member State), and then (eventually)
at transnational level.
The strict national dimension of criminal prosecution is however partially dero-
gated in the area of financial investigations, as (so far) only in this field the European
Union managed to establish some form of quasi-federal investigative body, namely
the European Anti-Fraud Office (better known as OLAF, in its French acronym),
and the European Public Prosecutor Office (EPPO), where national authorities have
(or will have, in the EPPO case) to cooperate with in a vertical dimension that is
added to the ones previously illustrated.305
OLAF, created since 1999 to face the consequences of the Santer scandals,306 is
an independent office placed within the European Commission, granted with broad
administrative investigative powers concerning any irregularity affecting the budget
of the EU.
The Office plays an extremely relevant role in this field, because it investigates
over conducts which may well also be target of criminal inquiries (such as in case
of corruption, misappropriation of funds, or fraud) and operates within a very broad
cooperation network that keeps together different types of tax, custom and criminal
authorities. Nonetheless, once OLAF has terminated its investigations, the Office
has no power to bring a case to court, and the choice to prosecute or not is entirely
remitted to the discretion of national authorities.307
305
For a rather recent analysis of the cooperation in this area see, among others, Luchtman (2017),
p. 191; Kuhl (2017), p. 135 et seq.
306
Cf. Commission Decision of 28.04.1999 establishing the European Anti-fraud Office (OLAF),
1999/352/EC, ECSC, EURATOM, and following amendments (Commission Decision 2013/478/
EU of 27.09.2013; Commission Decision (EU) 2015/512 of 25.03.2015). In 1999, Jacques Santer,
the head of the European Commission, and his fellow commissioners, were forced to resign en
masse over a corruption scandal, concerning fraud and nepotism for serious management failings.
For press reports of the scandal see, e.g., Bates (1999); BBC, EU plunges into crisis, 16.03.1999.
http://news.bbc.co.uk/2/hi/europe/297457.stm. Accessed 18 July 2018.
307
Cf. Article 11, Regulation (EU, Euratom) No 883/2013 of 11.09.2013 concerning investigations
conducted by the European Anti-Fraud Office (OLAF) and repealing Regulation (EC) No
1073/1999 and Council Regulation (Euratom) No 1074/1999. The Regulation is currently under
revision, see European Commission, Proposal for a Regulation of The European Parliament and of
the Council amending Regulation (EU, Euratom) No 883/2013 as regards the establishment of a
Controller of procedural guarantees, Brussels, 11.6.2014 COM(2014) 340 final 2014/0173 (COD);
see also Luchtman and Vervaele (2017).
The European Public Prosecutor, on the contrary, was granted both investigative
and indictment powers against serious crimes affecting the financial interests of the
Union (the so-called “PIF” crimes308) and other criminal offences “inextricably
linked” to the criminal conduct mentioned above.309 Within its scope, the EPPO thus
represents the Union body that is more reassembling a sort of “federal” structure,
although several are its structural features that heavily suffered from the lack of
political consensus in the long negotiations that brought to its creation.
First, the Office was created with an enhanced cooperation procedure to which to
date not all EU Member States have adhered.310 Second, the internal organization of
the EPPO, contrary to the initial Commission’s proposal, is now built upon a colle-
gial structure that emphasizes the national origin of prosecutors, putting the entire
project at risk of being sieged by national interests. Lastly, cases with European
dimensions processed by the Office will not be tried at European, but at national
level, and therefore following different national procedural rules, which in practice
represents a formidable disincentive in having prosecutors investigating over cases
originated in jurisdictions different than that of their own nationality (beyond what,
presumably, they do not possess the necessary legal expertise).311
The situation is only slightly more simplified when it comes to banking
oversight.
Indeed, also in the EU financial supervision is involving several authorities,
which, just with specific regard to the credit institutions, include the European
Banking Authority (EBA), the European Central Bank (ECB), and the Member
States’ National Competent Authorities (NCAs), often, but not always represented
by national central banks.312
Since late 2014, in particular, the ECB has taken supervisory functions towards
banks with the creation of the Single Supervisory Mechanism (SSM), whose inves-
tigative and sanctioning powers represent one of the most relevant innovation in the
308
As defined by the PIF Directive (2017/1371), cit., substituting the previous “PIF Convention”
(Council Act of 26.07.1995 drawing up the Convention on the protection of the European
Communities’ financial interests), and its Protocols, from 6.07.2019. These offences include:
Fraud (VAT fraud only if the damage involved is of at least 10 million euros), corruption, and
misappropriation affecting the EU financial interests, as implemented by national law.
309
Cf. Article 22, of the Council Regulation (EU) 2017/1939 of 12.10.2017 implementing enhanced
cooperation on the establishment of the European Public Prosecutor’s Office (hereinafter “EPPO
Regulation”).
310
After long and troubled negotiations, the procedure was launched on 3.04.2017. Up until now
[June 2019] 22 Member States have joined the enhanced cooperation (PL, SE, HU, IE, DK and UK
have still not accessed the EPPO). Cf. https://ec.europa.eu/info/law/cross-border-cases/judicial-
cooperation/networks-and-bodies-supporting-judicial-cooperation/european-public-prosecutors-
office_en. Accessed on 15 June 2019.
311
These and other critical profiles of the EPPO have been widely stressed out by legal scholars see,
e.g., Ligeti (2018); Caianiello (2013), pp. 115–125; Ligeti and Simonato (2013); Allegrezza
(2013); Luchtman and Vervaele (2014b); Salazar (2017); Lupo (2014); Mitsilegas and Giuffrida
(2018).
312
The role and powers of these authorities, and of the other authorities composing the European
System of Financial Supervision will be illustrated in Chap. 4.
European legal framework of the last few years, and whose implications under a
criminal law perspective are analysed in detail in the course of this work.313
The concomitant presence of all these administrative and judicial agencies within
a same territory, often with competences over the same subjects, and with some-
times overlapping but still diverging goals, clearly shows how the coordination
issue has become pivotal at all levels.
Indeed, cooperation of financial and banking institutions with supervisory
authorities is essential to supply the latter with due information about alleged irreg-
ularities; and coordination among regulatory supervisors is necessary to realize both
an efficient oversight, and to allow judicial authorities to promptly counteract
against financial crimes. This aim does not only answer to general workability rea-
sons, but, both in the US and in the EU, shall also be assessed in light of the effi-
ciency standards set on the matter by the Core Principles of the Basel Committee on
Banking Supervision.314
To achieve this, effective rules are needed, either at the legislative and/or inter-
agency level; good regulations (however) are often not enough to ensure satisfactory
results: When it comes to cooperation, mutual trust and personal relationships still
play a critical role for success.315
That is clearly showed by the US and EU examples.
On paper, the US cooperation model seems to work rather smoothly as long as
criminal offences are involved, thanks to the leading principle according to which if
a crime is discovered or suspected during an administrative inquiry, all evidence
collected should be reported to the competent criminal agencies, with generally no
restriction whatsoever concerning their further use.
Nonetheless, as it will be analysed in the course of this work, in practice the high
number of federal regulators, and their sometimes-overlapping partition of compe-
tences represent overseas a most debated issue.316 Indeed, as illustrated by the US
Senate Permanent Subcommittee on Investigations in its analysis on the breaking
out of the 2006–2008 financial crisis, the undertaking of contemporary or subse-
quent parallel proceedings by different authorities has often resulted in open rivalry
rather than institutional collaboration.317
313
Cf. Sect. 4.4 for the description of the SSM supervisory, investigative and sanctioning powers;
and Chap. 6 for the analysis of the latter in light of the Basel Core Principles, and of the Engel
criteria and the fair trial rights.
314
The Core Principles are analysed in Sect. 3.5.
315
That is particularly evident in the field of the so-called “spontaneous cooperation” “one of the
most innovative and interesting tools for closer co-operation in fighting serious crimes. The
boosted circulation of information is, in fact, indicative of a renovated and advanced conception of
relationships between judicial authorities, which finds its most meaningful expression in the co-
ordination of parallel investigations”, cf. Simonato (2011), p. 220; Calvanese (2003).
316
See, e.g., Myers II (2011), p. 1849. The critical issues arising from cooperation within the US
supervisory system are analysed in Sect. 6.1.2.
317
Cf. U.S. Senate Permanent Subcommittee on Investigations (2011), p. 4 et seq.; U.S. Senate
Permanent Subcommittee on Investigations (2010).
Moreover, while the obligation to directly share with criminal authorities all
potentially relevant elements gathered during administrative inquiries certainly lifts
the efficiency of investigations up under a prosecutorial point of view, when (often)
data are collected by administrative authorities lacking substantive procedural guar-
antees, that also raises substantial concerns in relation to defence rights, privacy
protection, and the risk of double jeopardy.
In the EU, the principle of sincere cooperation is expressed by Article 4(3) of the
Treaty on European Union (TEU), which establishes the duty for Member States to
assist each other in ensuring the fulfilment of the Treaty obligations.318 Within this
general provision, administrative and judicial cooperation has notably increased in
its horizontal, vertical and diagonal (cross-sectoral) dimensions.319
Contrary to the US however, at Union level not all the information gathered dur-
ing administrative investigations may freely circulate for purposes different from
those they had been collected for. That is the case, for example, of inquiries carried
out by the Commission through the Directorate-General for Competition, where
information, notwithstanding its potential multidisciplinary value, can only be used
for the purposes of ensuring the internal market protection from conducts causing
prevention, restriction or distortion of competition.320 The most critical situation,
however, concerns the case in which information are disseminated between admin-
istrative and criminal proceedings, given the different level of guarantees provided
for in the two systems for the persons affected by the investigations. This case,
which has been partially examined by the Court of Justice in its 2015 renown deci-
sion WebMindLicence, originates fundamental critical issues also in the field of
banking supervision and investigation and, under this perspective, is accordingly
analysed in the course of this work.321
318
Consolidated version of the Treaty on European Union, C 326/13 Official Journal of the EU,
26.10.2012, Article 4(3) “Pursuant to the principle of sincere cooperation, the Union and the
Member States shall, in full mutual respect, assist each other in carrying out tasks which flow from
the Treaties. The Member States shall take any appropriate measure, general or particular, to
ensure fulfilment of the obligations arising out of the Treaties or resulting from the acts of the
institutions of the Union. The Member States shall facilitate the achievement of the Union’s tasks
and refrain from any measure which could jeopardise the attainment of the Union’s objectives”.
319
For a general analysis of the different cooperation models in the EU, see Klip and Vervaele
(2002), pp. 9–47; Klip (2016), p. 373 et seq. For an analysis of the theme applied to VAT and cus-
toms fraud, see Tesoriero (2016).
320
According to Articles 101–102 of the Treaty (former Articles 81–82), cf. Article 12, Council
Regulation (EC) No 1/2003 of 16.12.2002 on the implementation of the rules on competition laid
down in Articles 81 and 82 of the Treaty; Article 15(4), Commission Regulation (EC) No 773/2004
of 7.04.2004 relating to the conduct of proceedings by the Commission pursuant to Articles 81 and
82 of the EC Treaty; Articles 107–142, Commission Notice on Best Practices for the Conduct Of
Proceedings Concerning Articles 101 and 102 TFEU, 2011/C 308/06; Article 48, Commission
Notice on the Rules for Access to the Commission File in Cases Pursuant to Articles 81 and 82 of
the EC Treaty, Articles 53, 54 and 57 of the EEA Agreement and Council Regulation (EC) No
139/2004, OJ C 325, 22.12.2005, p. 7–15; Recital (33), Commission Notice on Immunity from
Fines and Reduction of Fines in Cartel Cases, 2006/C 298/11.
321
WebMindLicenses, Case C-419/14. Cf. Sect. 6.1.3 and, with special focus on the privilege
against self-incrimination, Sect. 6.3.5.
2.4 Methodology: Transversal Comparative Approach Applied to a Complex… 71
Against this fragmented background, anyway, also European cooperation net-

works, similarly to the US, highly rely upon the authorities’ willingness to exchange
information and enforce the requests issued by foreign counterparts. This conclu-
sion is not challenged by the most recent EU legislation on the matter, and in par-
ticular by Directive 2014/41 establishing the European Investigation Order (EIO).
Regardless of being adopted to strengthen cooperation practices, and the exchange
of evidence within the EU, in fact, many legal scholar highlighted how this tool
provides for such a huge amount of grounds for refusal to cooperation requests, that
de facto leaves the execution of the investigative orders to the discretional choice of
the requested agency.322
In the following analysis, therefore, a comprehensive perspective is adopted, that
considers the impact of multi-disciplinary actors and regulations in defining the
content of procedural rules and rights.
2.4 Methodology: Transversal Comparative Approach

Applied to a Complex and Hybrid Legal Framework
To carry out the present analysis, a transversal comparative approach has been
adopted.
In particular, the substantial nature of banking supervisory sanctions, and there-
fore the applicable procedural rights, and real-time monitoring of financial data are
discussed comparing two selected legal orders, that is the European Union, and the
United States. The reason why these countries have been picked up is twofold.
First, they represent two of the most developed banking systems in the world,
both for their historical background, and their actual weight in the global financial
market. Secondly, the EU and the US are complex legal orders, organized in multi-
level structures.
The concept of “multi-level” governance was developed starting from the 1980s
in the field of political science and public administration theory, and successfully
applied in the context of studies on the European integration after the entry into
force of the Maastricht Treaty. Although the very meaning of “level” may appear
quite hard to define, the expression “multi-level” is here used to describe a legal
system characterized by the presence of several authorities, at domestic as well as at
central or federal level that: (a) operate in an environment of simultaneous and com-
plex interaction; (b) are not included in a strict hierarchical organization; (c) share
322
Directive 2014/41/EU of 3.04.2014 regarding the European Investigation Order in criminal mat-
ters. For an overall analysis on the EIO Directive, see, e.g., Ruggeri (2013), p. 279 et seq.; Daniele
(2017b); Allegrezza (2014), p. 51 et seq.; Caianiello (2015), p. 1; Caianiello and Di Pietro (2016);
Daniele (2017a), p. 418 et seq. For an analysis of the impact of the directive with regard to banking
investigations, and especially real-time monitoring of banking records see below Sect. 7.5.
governance responsibilities, and competences; and (d) are often internally shaped
by uneven principles.323
Within this structure, the variables mentioned above—the existence and need of
extensive cooperation networks, and the enforcement of the prohibition of bis in
idem—already relevant in domestic criminal justice system due to the interaction
between administrative and criminal law, are emphasized, and assume a pivotal role
in shaping the effectiveness and fairness of any punitive paradigm.
Global dimension impact, and multi-level organization are also elements that
make the comparative analysis between the EU and the US a meaningful operation,
regardless for the existence of other relevant differences, starting from the fact that
the United States is a well-established federal legal order, more than 200-years old.
The European Union on the other side, consists of a particularly complicated sys-
tem, which results from the interaction of numerous and different national, suprana-
tional and intergovernmental legal sources, that often provide for dissimilar
requirements and standards of protection.
This notwithstanding, in the field of banking investigations the US multi-level
structure does not appear much more simplified than the European one. Indeed, as
shown by the last financial crisis, the American financial system is characterized by
an intricate network of agencies, whose tasks are not always easily distinguishable
from another,324 and which are placed within a framework devoid of a ne bis in idem
principle applicable between federal and local level.
In light of these common features, a comparative analysis between the US and
the EU can be usefully carried out, keeping in mind that the legal system of the latter
does not have (at least yet) an autonomous status, but it rather appears as a hybrid of
supranational and national regulations.
Indeed, especially but not exclusively regarding procedural rules, the EU pres-
ents a legal framework deeply affected by the complexity of transnational relations,
and a highly fragmented criminal policy, which—in its constant search for harmo-
nization and approximation—shows all its political limitations.325
The Lisbon Treaty explicitly included legal basis for the EU competence in crim-
inal matters,326 which has been further strengthened by the recognition of full juris-
323
See Hooghe et al. (1996), pp. 341–378; Hooghe and Marks (2001); Id. (2010), pp. 17–31.
324
The structure of the US supervisory financial system is dealt with in Chap. 5.
325
The difference between harmonization and approximation methods, both explicitly specified by
Articles 81–82 TFEU, is not always clearly identifiable, since they share the same goals, even if the
latter is mainly oriented towards the concurrence of legislative texts, rather than principles, and
represents a weaker stimulus for the integration process, cf. Klip (2016), p. 33; Kostoris (2017),
p. 68 et seq. In general terms on the fragmentation and hybrid legal basis of EU law concerning
economic and financial criminal law, see Blomsma (2017), p. 225 et seq.
326
Cf. Consolidated version–Treaty on the Functioning of the European Union, C 326/52 Official
Journal of the European Union 26.10.2012, Title V, Area of Freedom, Security and Justice, Articles
67–89, and especially Articles 82–89.
2.4 Methodology: Transversal Comparative Approach Applied to a Complex… 73
diction to the Court of Justice on the Area of Freedom, Security and Justice (AFSJ)
starting from 1st December 2014.327
This transition marked the official end of the “third pillar”, even though not the
exhaustion of all the peculiarities of this area.328 As a result, the EU criminal justice
system represents neither a homogeneous paradigm, structured in the way internal
national legal orders usually are, nor a proper federal one, still lacking a real
democratic accountability for criminal policy choices, and clear identification of its
objectives and scope of application.
In the middle of the integration process, whose outcomes are far from being
foreseeable, the AFSJ—besides for the recent creation of a European Public
Prosecutor Office (EPPO)329—also persists in missing an autonomous European
judicial system, as well as a systematic repartition of competences between the
central and the local levels, even though the Treaty clearly lists this Area among
those whose responsibility is shared between the EU and the Member States.330
While the creation of the EPPO represents a first step towards a more “federal”
idea of Europe, this fragmented situation persists so far, as also the new investigat-
ing authority will be acting in a highly hybrid legal system.331
Indeed, shared competence and acknowledgment of the supremacy of suprana-
tional law are not yet undisputed features in the EU as it is typically in most federal
legal order.332 In the US, moreover, these principles are applied in a context where
327
Cf. Article 10(1)–(3), Protocol (No 36) on Transitional Provisions concerning acts adopted on
the basis of Titles V and VI of the Treaty on European Union prior to the entry into force of the
Treaty of Lisbon.
328
Such as the possibility of opting-in (DK) and out (IE, UK); the emergency break procedure, and
the substantial limitation in the subject (both on a substantive and procedural law perspective).
329
Cf. above, Sect. 2.3.4.
330
Cf. Article 4(2)(j) TFEU: “Shared competence between the Union and the Member States
applies in the following principal areas: […] area of freedom, security and justice” and Article 325,
para 3 and 5: “Without prejudice to other provisions of the Treaties, the Member States shall coor-
dinate their action aimed at protecting the financial interests of the Union against fraud. To this end
they shall organise, together with the Commission, close and regular cooperation between the
competent authorities […] The Commission, in cooperation with Member States, shall each year
submit to the European Parliament and to the Council a report on the measures taken for the imple-
mentation of this Article”.
331
Cf., e.g., Article 5(3)—determining the applicable legal basis—and Articles 36 and 42—deter-
mining the jurisdiction of national Courts and of the CJEU-of the EPPO Regulation.
332
Even if it is “a cornerstone principle of Community law”, the principle of primacy of EU law is
not explicitly stated in the Treaties, even if this fact “shall not in any way change the existence of
the principle and the existing case-law of the Court of Justice, which firstly developed its content”
(see Judgment in Flaminio Costa v E.N.E.L., Case 6–64, 15.07.1964, ECLI:EU:C:1964:66), cf. 17.
Declaration concerning primacy, in TFEU, A.1.Declarations Concerning Provisions of the Treaties
(“The Conference recalls that, in accordance with well settled case law of the Court of Justice of
the European Union, the Treaties and the law adopted by the Union on the basis of the Treaties
have primacy over the law of Member States, under the conditions laid down by the said case
law”), and attached Final Act the Opinion of the Council Legal Service on the primacy of EC law
as set out in 11197/07 (JUR 260).
In the US, the same principle, expressed by article VI, Sec. 2 US Constitution (“This
Constitution, and the laws of the United States which shall be made in pursuance thereof; and all
local and federal law possess each an intrinsic autonomy.333 On the contrary in the
EU former “third pillar” area, most legislative texts at central level adopt the form
of a directive, an act which is generally not self-executing, and that becomes
enforceable only after its transposition by national legislators: A phenomenon that
is unknown to the American federal system.
Therefore, while in the US the applicable federal law is defined by the combina-
tion of federal statutory legislation and case-law, in the EU the applicable European
law is resulting from the combination of EU legislation, CJEU case-law, and
national transposing legislation (not to mention the fundamental role played by the
European Court of Human Rights, and the case-law of national courts on domestic
legislation implementing EU acts). As a result, the Union’s competence in criminal
policy is deeply characterized by a hybrid structure, in which national and EU law
may apply together at the same time, integrating each other.334
This feature, which notably differentiates the legal bases grounding the US and
the EU criminal justice systems, shall be kept in mind in starting the analysis on the
new frontiers of banking and financial investigations, one of the fields in which the
Union’s criminal competences are today more developed.
References
Adler AJ (2014) Dual sovereignty, due process, and duplicative punishment: a new solution to an
old problem. Yale Law J 124(2):448
Ajello NJ (2015) Fitting a square peg in a round hole: bitcoin, money laundering, and the fifth
amendment privilege against self-incrimination. Brooklyn Law Rev 80(2):435–461
Allegrezza S (2012) sub art. 4, Prot. 7, CEDU. In: Bartole S, De Sena P, Zagrebelsky V (eds)
Commentario breve alla Convenzione europea per la salvaguardia dei diritti dell’uomo e delle
libertà fondamentali. CEDAM, Padova, p 894 et seq
Allegrezza S (2013) Verso una Procura europea per tutelare gli interessi finanziari dell’Unione.
Idee di ieri, chances di oggi, prospettive di domani, in Dir. pen. cont., 31 ottobre 2013
Allegrezza S (2014) Collecting criminal evidence across the European Union: the European inves-
tigation order between flexibility and proportionality. In: Ruggeri S (ed) Transnational evi-
dence in multicultural inquiries in Europe developments in EU legislation and new challenges
for human rights-oriented criminal investigations in cross-border cases. Springer, Heidelberg,
pp 51–67
Allegrezza S (2017) Commento all’art. 48. In: Mastroianni R, Pollicino O, Allegrezza S, Pappalardo
F, Razzolini O (eds) Carta dei diritti fondamentali dell’Unione europea. Giuffrè, Milano, p 946
treaties made, or which shall be made, under the authority of the United States, shall be the supreme
law of the land; and the judges in every state shall be bound thereby, anything in the Constitution
or laws of any State to the contrary notwithstanding”) has also been affirmed in several leading
cases, see, e.g., McCulloch v Maryland, 17 U.S. 316 (1819); Gibbons v Ogden, 22 U.S. 1 (1824);
Hammer v Dagenhart 247 U.S. 251 (1918).
333
For instance, as provided by the Tenth Amendment of the US Constitution: “The powers not
delegated to the United States by the Constitution, nor prohibited by it to the states, are reserved to
the states respectively, or to the people”.
334
Cf. Klip (2016), p. 1 et seq.
References 75
Amalfitano C (2002) Dal ne bis in idem internazionale al ne bis in idem europeo. Rivista di Diritto
Internazionale Privato e Processuale 38:923–960
Amalfitano C (2009) La risoluzione dei conflitti di giurisdizione in materia penale, in Dir. pen.
proc., 1293 et seq
Amalfitano C (2012) La discutibile inderogabilità del ne bis in idem in virtù dell’art. 50 della Carta
dei diritti fondamentali dell’Unione europea, in Giur. merito, p 1620 et seq
Amalfitano C (2017) Commento all’art. 50. In: Mastroianni R, Pollicino O, Allegrezza S,
Pappalardo F, Razzolini O (eds) Carta dei diritti fondamentali dell’Unione europea. Giuffrè,
Milano, p 1016 et seq
Amar AR (1997) Double jeopardy law made simple. Yale Law J 106:1807. Faculty Scholarship
Series, 1-1-1997, Paper 943
Amar AR, Marcus JL (1995) Double Jeopardy law after Rodney King. Columbia Law Rev 95:1
Badr GM (1978) Islamic law: its relation to other legal systems. Am J Comp Law 26:187. Spring
1978 [Proceedings of an International Conference on Comparative Law, Salt Lake City, Utah,
February 24–25, 1977]
Barth JR, Caprio G Jr, Nolle DE (2004) Comparative international characteristics of banking, in
OCC Economics working paper, 1:1–77
Bates S (1999) Santer: sleepwalking into a scandal, in The Guardian, 16 March 1999. https://www.
theguardian.com/world/1999/mar/16/eu.politics4. Accessed 18 July 2018
Beale SS (2014) The development and evolution of the U.S. law of corporate criminal liability.
ZStW 126:27–54
Beale SS, Safwat AG (2004) What developments in Western Europe tell us about American cri-
tiques of corporate criminal liability. Buffalo Crim Law Rev 8:89–163. 97–98
Black J (2010) Managing the financial crisis–the constitutional dimension. LSE Law, Society and
Economy Working Papers 12/2010
Bleichrodt E (2006) Ne Bis in Idem. In: van Dijk P, van Hoof F, van Rijn A, Zwaak L (eds) Theory
and practice of the European convention on human rights, 4th edn. Intersentia, Cambridge,
p 983
Blomsma J (2017) Challenges in the field of economic and financial crime from a European per-
spective. In: Franssen V, Ligeti K (eds) Challenges in the field of economic and financial crime
in Europe and the US. Hart Publishing, Oxford, p 225 et seq
Böse M (2017) The consecutive application of different types of sanctions and the principle of Ne
Bis in Idem: the EU and the US on different tracks? In: Franssen V, Ligeti K (eds) Challenges
in the field of economic and financial crime in Europe and the US. Hart Publishing, Oxford,
p 211 et seq
Braun DA (1992) Praying to false sovereigns: the rule permitting successive prosecutions in the
age of cooperative federalism. Am J Crim Law 20:1. 10
Brickey KF (2006) The changing face of white-collar crime: in Enron’s wake: corporate executives
on trial. J Crim Law Criminol 96:397. Symposium Winter 2006
Brito J, Hoegner S, Friedman J, Rae N, Osborne P (2015) The law of Bitcoin. iUniverse, Indiana
Bronckers M, Vallery A (2011) No longer presumed guilty? The impact of fundamental rights on
certain dogmas of EU competition law. World Compet 4:542
Bryans D (2014) Bitcoin and money laundering: mining for an effective solution. Indiana Law
J 89:441–472
Bulnes J (2008) European arrest warrant and surrender procedures: essential guarantees. In: De
Hoyos Sancho M (ed) El proceso penal en la Uniòn Europea. Garantias esenciales/Criminal
Proceedings in the EU. Essential safeguards. Lex Nova, Valladolid, p 289
Caianiello M (2013) The proposal for a regulation on the establishment of an European public
prosecutor’s office: everything changes, or nothing changes? Eur J Crime Crim Law Crim Just
21:115–125
Caianiello M (2015) La nuova direttiva UE sull’ordine europeo di indagine penale tra mutuo ricon-
oscimento e ammissione reciproca delle prove, in Proc. pen. e giust., 3, 1
Caianiello M, Di Pietro A (eds) (2016) Indagini penali e amministrative in materia di frodi IVA
e doganali. L’impatto dell’European Investigation Order sulla cooperazione transnazionale.
Cacucci, Bari
Calvanese E (2003) Cooperazione giudiziaria tra stati e trasmissione spontanea di informazioni,
in Cass. pen., 2:452
Camaldo L (2016) Presunzione di innocenza e diritto di partecipare al giudizio: due garanzie
fondamentali del giusto processo in un’unica Direttiva dell’Unione europea, in Dir. pen. cont.,
23 marzo 2016
Camina OS (1981) Note, selective preemption: a preferential solution to the Bartkus-Abbate Rule
in successive federal-state prosecutions. Notre Dame Law 57:340. 362–363
Canestrini N (2016) La direttiva sul rafforzamento di alcuni aspetti della presunzione di innocenza
e del diritti di presenziare al processo nei procedimenti penali, in Cass. pen., p 2224
Cappel A (2017) The necessity of compliance programmes under German Law-‘Burden’ or
‘Blessing’? In: Franssen V, Ligeti K (eds) Challenges in the field of economic and financial
crime in Europe and the US. Hart Publishing, Oxford, pp 57–78
Caprio G Jr, Klingebiel D (2003) Episodes of systemic and borderline banking crises. World Bank,
Mimeo
Caprioli F (2010) Sui rapporti tra ne bis in idem processuale e concorso formale di reati, in Giur.
it., p 1183
Cerqua LD, Canzio G, Lupária L (eds) (2014) Diritto penale delle società. CEDAM, Padova
Chinn P (2013) A deal is a deal: plea bargains and double jeopardy after Ohio v. Johnson. Seattle
Univ Law Rev 37:285–306
Christopher CM (2014) Whack–a–mole: why prosecuting digital currency exchanges won’t stop
online money laundering. Lewis Clark Law Rev 18:1–36
Clifford Chance (ed) (2012) Corporate liability in Europe, London
Coffee JR (1981) No soul to damn: no body to kick: an unscandalized inquiry into the problem of
corporate punishment. Mich Law Rev 79:386
Cordero F (2012) Procedura penale, 9th edn. Giuffrè, Milano
Cranman EM (2000) Comment, The dual sovereignty exception to Double Jeopardy: a champion
of justice or a violation of a fundamental right? Emory Int Law Rev 14:1641. 1671–1674
Cras S, Erbežnik A (2016) The directive on the presumption of innocence and the right to be pres-
ent at trial. EUCRIM 1:25
Cunningham LA (2014) Deferred prosecutions and corporate governance: an integrated approach
to investigation and reform. Fla Law Rev 66:1
D’Ambrosio R (2017) Commento all’art. 50. In: Mastroianni R, Pollicino O, Allegrezza S,
Daniele M (2017a) L’ordine europeo di indagine penale (o.e.i.). In: Kostoris RE (ed) Manuale di
procedura penale europea, 3rd edn. Giuffrè, Milano, p 418 et seq
Daniele M (2017b) L’ordine europeo di indagine penale entra a regime. Prime riflessioni sul d. lgs.
n. 108 del 2017, in Dir. pen. cont., 28 luglio 2017
Dawson MA (1992) Note, Popular sovereignty, double jeopardy, and the dual sovereignty doc-
trine. Yale Law J 102:281. 302
De Amicis G (2014) Ne bis in idem e ‘doppio binario’ sanzionatorio: prime riflessioni sugli effetti
della sentenza ‘Grande Stevens’ nell’ordinamento italiano, in Riv. trim Dir. pen. cont., 3–4:201
De Caro A (2016) La recente direttiva europea sulla presunzione di innocenza e sul diritto
alla partecipazione al processo. http://www.quotidianogiuridico.it/documents/2016/02/23/
la-recente-direttiva-europea-sulla-presunzione-di-innocenza-e-sul-diritto-alla-partecipazione-
al-processo. Accessed 18 July 2018
De Moor Van Vugt A (2012) Administrative sanctions in EU law. Rev Eur Adm Law 5(1), Spring
2012
References 77
Di Federico G (2011) EU competition law and the principle of Ne Bis in Idem. Eur Public Law
17(2):241–260
Dova M (2015) Ne bis in idem e reati tributari: nuova condanna della Finlandia e prima aper-
tura della Cassazione (C. eur. dir. uomo, Quarta Sezione, sent. 10 febbraio 2015, Kiiveri c.
Finalandia) in Dir. pen. cont., 27 marzo 2015
EBA (2014) Opinion on ‘virtual currencies’, EBA/Op/2014/08, July 4, 2014. https://www.eba.
europa.eu/documents/10180/657547/EBA-Op-2014-08+Opinion+on+Virtual+Currencies.pdf.
Accessed 18 July 2018
Ehlermann CD (1994) Developments in community competition law procedures. EC Competition
Policy Newsletter 1(1):2. Spring 1994
European Parliament (2011) Directorate general for internal policies–policy department D: bud-
getary affairs, how does organised crime misuse EU funds?, May 2011. http://www.europarl.
europa.eu/meetdocs/2009_2014/documents/cont/dv/crime_misuse_/crime_misuse_en.pdf.
Everling U (2007) Die Mitgliedstaaten der Europäischen Union unter der Aufsicht von Kommission
und Gerichtshof. In: Depenheuer O, Heintzen M, Jestaedt M (eds) Festschrift for Isensee.
Müller, Heidelberg, pp 773–789
Everling U (2008) Zur Gerichtsbarkeit der Europäischen Union. In: Ipsen J, Stüer B (eds)
Festschrift for Rengeling. Carl Haymanns, Cologne, pp 527–531
FATF (2001) IX Special Recommendations, October 2001 (incorporating all subsequent amend-
ments until February 2008, including Combating the Abuse of Alternative Remittance Systems:
International Best Practices, June 2003, OECD, Paris). http://www.fatf–gafi.org/media/fatf/
documents/reports/FATF%20Standards%20-%20IX%20Special%20Recommendations%20
and%20IN%20rc.pdf. Accessed 16 July 2018
FATF (2012) International standards on combating money laundering and the financing of ter-
rorism & proliferation, February 2012. http://www.fatf-gafi.org/publicationsfatfrecommenda-
tions/documents/fatf-recommendations.html. Accessed 16 July 2018
FATF (2013) Report: the role of hawala and other similar service providers in money laundering
and terrorist financing, October 2013. http://www.fatf-gafi.org/publications/methodsandtrends/
documents/role-hawalas-in-ml-tf.html. Accessed 18 July 2018
FATF (2015) Report: emerging terrorist financing risks, October 2015; ESMA, Questions and
Answers. Investment-based crowdfunding: money laundering/terrorist financing, 1 July 2015.
http://www.fatf-gafi.org/media/fatf/documents/reports/Emerging-Terrorist-Financing-Risks.
pdf. Accessed 18 July 2018
FATF (2017) Report: financing of recruitment for terrorist purposes, January 2018. http://
www.fatf–gafi.org/media/fatf/documents/reports/Financing-Recruitment-for-Terrorism.pdf.
Ferran E (2012) Crisis-driven regulatory reform: where in the world is the EU going? In: Hill JG,
Moloney N (eds) The regulatory aftermath of the global financial crisis. Cambridge University
Press, Cambridge, p 1
Flick GM (2014a) Reati fiscali, principio di legalità e ne bis in idem: variazioni italiane su un tema
europeo, in Dir. pen. cont., 14 settembre 2014
Flick GM (2014b) Cumulo tra sanzioni penali e amministrative: doppio binario o binario morto?
(“materia penale”, giusto processo e ne bis in idem nella sentenza della Corte EDU, 4 marzo
2014, sul market abuse) in Riv. soc., fasc. 5:953–990
Flick GM, Napoleoni V (2015) A un anno di distanza dall’affaire Grande Stevens: dal bis in idem
all’e pluribus unum?, in Riv. AIC, n. 3:34
Franssen V, Ligeti K (eds) (2017) Challenges in the field of economic and financial crime in
Europe and the US. Hart Publishing, Oxford
Free C (2012) The Goldman sachs abacus 2007-ACI controversy: an ethical case study, January
19th 2012. http://www.e-ir.info/2012/01/19/the-goldman-sachs-abacus-2007-aci-controversy-
an-ethical-case-study/. Accessed 15 July 2018
FSB (2017) 2017 List of global systemically important banks (G–SIBs) 21 November 2017. http://
www.fsb.org/wp-content/uploads/P211117–1.pdf. Accessed 15 July 2018
Galantini N (2011) Il ne bis in idem nello spazio giudiziario europeo: traguardi e prospettive, Testo
della relazione al Workshop dell’Osservatorio permanente sulla criminalità organizzata su La
costruzione di uno spazio di libertà, sicurezza e giustizia nell’UE dopo il Trattato di Lisbona,
Siracusa, 23–24 aprile 2010, in Dir. pen. cont., 22 febbraio 2011
Galluccio A (2018) La Grande sezione della Corte di giustizia si pronuncia sulle attese questioni
pregiudiziali in materia di bis in idem, in Dir. pen. cont., fasc. 3
Garner BA (ed) (2014) Black’s law dictionary, 10th edn. Thomson Reuters, St. Paul
Garrett BL (2007) Structural reform prosecution. Va Law Rev 93:853
Garrett BL (2014) Too big to jail. How prosecutors compromise with corporations. Harvard
University Press, Cambridge
Goldstein M (2016) Goldman to pay up to $5 billion to settle claims of faulty mortgages, in NYT,
January 14, 2016
Goode E (2012) Stronger hand for judges in the ‘Bazaar’ of plea deals, in NYT, March 22, 2012
Gravenwarter C (1997) Verfahrensgarantien in der Verwaltungsgerichtsbarkeit: eine Studie zu
Artikel 6 EMRK auf der Grundlageeiner rechtsvergleichenden Untersuchung der Verwaltungs
gerichtsbarkeit Frankreichs, Deutschlands und Österreichs. Springer, Heidelberg
Groussot X, Pech L, Petursson G (2011) The scope of application of fundamental rights on mem-
ber states’ action: in search of certainty in EU adjudication, Eric Stein Working Paper, No. 1:
13–14
Gruber SM (2013) Trust, identity, and disclosure: are bitcoin exchanges the next virtual havens for
money laundering and tax evasion? Quinnipiac Law Rev 32(1):135–208
Haentjens M, De Gioia-Carabellese P (2015) European banking and financial law. Routledge,
London, recently published in its 2nd edition (2018)
Hamdami A, Klement A (2008) Corporate crime and deterrence. Stanford Law Rev 61(2):271
Hammond M (2005) United States v. Patterson: when does the Double Jeopardy clause protect
defendants in Federal Court? Am J Trial Advoc 29:467–468
Hansen JL (2010) Insider dealing defined: the EU court’s decision in Spector photo group. Eur
Company Law 7(3):98–105
Harris DJ, O’Boyle M, Beates EP, Buckley M (2014) Law of the European convention on human
rights, 3rd edn. Oxford University Press, Oxford
Hellmann KJ (1994) Note, The fallacy of dueling sovereignties: why the Supreme Court refuses to
eliminate the dual sovereignty doctrine. J Law Policy 2:149. 153–155
Henning PJ (2012) In Goldman programmer case, a way around Double Jeopardy, in NYT, Oct.
1, 2012. https://dealbook.nytimes.com/2012/10/01/in-goldman-programmer-case-a–way-
around-double-jeopardy/. Accessed 18 July 2018
Hooghe L, Marks G (2001) Multi-level governance and European integration. Rowman &
Littlefield, Lanham. XVI + 240 pp
Hooghe L, Marks G (2010) Types of multilevel governance. In: Enderlein H, Wälti S, Zürn M (eds)
Handbook on multilevel governance. Edward Elgar, Cheltenham, pp 17–31
Hooghe L, Marks G, Blank K (1996) European integration since the 1980s. State–centric versus
multi-level governance. J Common Mark Stud 34(3):341–378
Hopt KJ (2012) Corporate governance of banks after the financial crisis. In: Wymeersch E, Hopt
KJ, Ferrarini G (eds) Financial regulation and supervision. A post-crisis analysis. Oxford
University Press, Oxford, p 337
Hyde H (1995) Forfeiting our property rights. Cato Institute, Washington DC
Jagla SF (2007) Auf dem Weg zu einem zwischenstaatlichen ne bis in idem im Rahmen der
Europäischen Union. Peter Lang, Frankfurt am Main
Jones A, Sufrin B (2016) EU competition law. Text, cases, and materials, 6th edn. Oxford
University Press, Oxford
Kaal WA, Lacine TA (2014) The effect of deferred and non-prosecution agreements on corporate
governance: evidence from 1993–2013. Bus Lawyer 70:61
References 79
Khanna VS (1996) Corporate criminal liability: what purpose does it serve? Harv Law Rev
109:1477
King JE (1979) Note, The problem of Double Jeopardy in successive federal-state prosecutions: a
fifth amendment solution. Stanford Law Rev 31:477. 496–497
King M (2009) What went wrong? In: FSA, The Turner review. A regulatory response to the global
banking crisis, March 2009. http://www.fsa.gov.uk/pubs/other/turner_review.pdf. Accessed 12
Apr 2019.
Kleiman JA (2013) Beyond the silk road: unregulated decentralized virtual currencies continue to
endanger U.S. national security and welfare. National Secur Law Brief 4(1):59–78
Klein SR (2000) Double Jeopardy’s demise. Calif Law Rev 88(3):1001
Klip A (2016) European criminal law: an integrative approach, 3rd edn. Intersentia, Cambridge
Klip A, Vervaele JAE (2002) European cooperation between tax, customs and judicial authorities:
The Netherlands, England, and Wales, France and Germany. Kluwer Law International, The
Hague
Koering-Joulin R (1995) (Protocolle additionnel No 7) Article 4. In: Pettiti L, Decaux E, Imbert
P (eds) La Convention Européenne des Droits de l’Homme: Commentaire article par article.
Economica, Paris, p 1093 et seq
Kostoris RE (2017) Diritto europeo e giustizia penale. In: Id. (ed) Manuale di procedura penale
europea, 3rd edn. Giuffrè, Milano, p 68 et seq
Kuhl L (2017) Cooperation between administrative authorities in transnational multi-agency
investigations in the EU: still a long road ahead to mutual recognition? In: Franssen V, Ligeti
K (eds) Challenges in the field of economic and financial crime in Europe and the US. Hart
Publishing, Oxford, p 135 et seq
Labianca D (2017) La nuova dimensione del ne bis in idem: dal caso Grande Stevens a C. Cost. n.
102/2016. In: Cadoppi A, Canestrari S, Manna A, Papa M (eds) Diritto penale dell’economia,
vol I. UTET, Torino, p 115 et seq
Lamberigts S (2016a) The directive on the presumption of innocence. A missed opportunity for
legal persons? EUCRIM 1:36
Lamberigts S (2016b) The presumption of innocence (and the Right to be Present at Trial) Directive,
in European Law Blog, 3 May 2016. https://europeanlawblog.eu/2016/05/03/the-presumption-
of-innocence-and-the-right-to-be-present-at-trial-directive/. Accessed 17 July 2018
Lasagni G (2016) Profili critici sullo sviluppo della circolazione probatoria nell’Unione europea.
Alcuni parametri di valutazione dei sistemi di cooperazione europei alla luce della Direttiva
oei. In: Caianiello M, Di Pietro A (eds) Indagini penali e amministrative in materia di frodi IVA
Cacucci, Bari, p 341 et seq
Legros R (1964) L’avenir du droit pénal international. In: Mélanges offerts à Henri Rolin.
A. Pedone, Paris
Lenaertes K (2011) The Court of Justice of the European Union and the protection of fundamental
rights. Polish Yearb Eur Union Law 31:88 et seq
Ligeti K (2018) Toward a prosecutor for the European Union–draft rules of procedure, vol 2. Hart
Publishing, Oxford
Ligeti K, Simonato M (2013) The European Public prosecutor’s office: towards a truly European
Prosecution service? New J Eur Crim Law 4(1–2):7–21
Liikanen E (chaired by) High-level Expert Group on reforming the structure of the EU banking
sector, Final Report, Brussels, 2 October 2012. http://ec.europa.eu/internal_market/bank/docs/
high-level_expert_group/report_en.pdf. Accessed 18 July 2018
Lopez DE (2000) Note, Not twice for the same: how the dual sovereignty doctrine is used to cir-
cumvent Non Bis in Idem. Vanderbilt J Transnational Law 33:1263. 1300–02
Luchtman M (ed) (2013) Choice of forum in cooperation against EU financial crime. Eleven
International Publishing, The Hague
Luchtman M (2017) Transnational multi-disciplinary investigations and the quest for compatible
procedural safeguards. In: Franssen V, Ligeti K (eds) Challenges in the field of economic and
financial crime in Europe and the US. Hart Publishing, Oxford, p 191
Luchtman M, Vervaele JAE (2014a) Enforcing the market abuse regime: towards an integrated
model of criminal and administrative law enforcement in the European Union? New J Eur Crim
Law 5(2):192–220
Luchtman M, Vervaele JAE (2014b) European agencies for criminal justice and shared enforce-
ment (Eurojust and the European Public Prosecutor’s Office). Utrecht Law Rev 10(5):132–150
Luchtman M, Vervaele JAE (2017) Report. Investigatory powers and procedural safeguards:
Improving OLAF’s legislative framework through a comparison with other EU law enforce-
ment authorities (ECN/ESMA/ECB). https://dspace.library.uu.nl/..../Report_Investigatory_
powers_and_procedural_safeguards. Accessed 15 July 2018
Lupária L (2010) Processo Penale e Reati Societari: fisionomia di un modello “invisibile”, in Riv.
dottori comm., fasc. 4:801–808
Lupária L (2017) Commento all’art. 48. In: Mastroianni R, Pollicino O, Allegrezza S, Pappalardo
et seq
Lupo E (2014) Competenza dell’Ufficio del Procuratore europeo: esclusiva, primaria o con-
corrente?, Relazione alla 12ma Conferenza OLAF dei Procuratori Antifrode “Le indagini
dell’Ufficio del Procuratore Europeo: cosa pensano gli addetti ai lavori?”, Roma, 27 ottobre
2014
Malone A (2014) Bitcoin and other virtual currencies for the 21st century. CreateSpace Independent
Publishing Platform, Scotts Valley
Manes V (2012) sub art. 7 CEDU. In: Bartole S, De Sena P, Zagrebelsky V (eds) Commentario
breve alla Convenzione europea per la salvaguardia dei diritti dell’uomo e delle libertà fonda-
mentali. CEDAM, Padova, p 258 et seq
Mangiaracina A (2014) A new and controversial scenario in the gathering of evidence at the
European level: the proposal for a directive on the European investigation order. Utrecht Law
Rev 10(1):113
Marian O (2015) A conceptual framework for the regulation of cryptocurrencies. Univ Chicago
Law Rev 82:53–68
Marletta A (2013) Il principio di proporzionalità nella disciplina del mandato d‘arresto europeo.
PhD Dissertation thesis, Alma Mater Studiorum (unpublished). http://amsdottorato.unibo.
it/6133/. Accessed 15 July 2018
Marletta A (2017) A new course for mutual trust in the AFSJ? Transnational ne bis in idem and
the determination of the merits of the case in Kossowski. New J Eur Crim Law 8(2):108–115
Matz R (1997) Note, Dual sovereignty and the double jeopardy clause: if at first you don’t convict,
try, try again. Fordham Urban Law J 24:353. 354–355
Mazzacuva F (2013) La materia penale e il “doppio binario” della Corte europea: le garanzie al di
là delle apparenze, in Riv. it. dir. proc. pen., 4:1899
Mitsilegas V, Giuffrida F (2018) The European public prosecutor’s office and human rights. In:
Geelhoed W, Erkelens LH, Meij AWH (eds) Shifting perspectives on the European public pros-
ecutor’s office. Springer, The Hague, p 59, 78
Mongillo V (2012) The nature of corporate liability for criminal offences: theoretical models and
EU member state laws. In: Fiorella A (ed) Corporate criminal liability and compliance pro-
grams. Volume II, Towards a common model in the European Union. Jovene Editore, Napoli,
pp 75–95
Montedoro G, Supino I (2018) sub Articolo 7. In: Capriglione F (ed) Commentarioi al Testo Unico
delle leggi in materia bancaria e creditizia Tomo I, IV edn. Wolters Kluwer-CEDAM, Alphen
aan den Rijn
Moore M (2010) Placing blame: a general theory of the criminal law. Oxford University Press,
Oxford
Myers RE II (2011) Complex time don’t call for complex crimes. NCL Rev 89:1849
References 81
Nascimbene B (2018) Ne bis in idem, diritto internazionale e diritto europeo, in Dir. pen. cont., 2
May 2018
Neagu N (2012) The Ne Bis in Idem principle in the interpretation of European Courts: towards
uniform interpretation. Leiden J Int Law 25:955 et seq
Oliver J (2014) Civil Forfeiture, in Last Week Tonight, HBO, Season 1, Ep. 20, October 5, 2014.
https://www.youtube.com/watch?v=3kEpZWGgJks. Accessed 18 July 2018
Packer HL (1964) Two models of the criminal process. Univ Pa Law Rev 113:1. 10–11
Padoa Schioppa A (2009) La veduta corta. Il Mulino, Bologna
Paliero E (1980) Il “diritto penale-amministrativo”: profili comparatistici, in Riv. trim. dir. pubbl.,
p 1254
Panzavolta M (2009) Humanitarian concerns within the EAW. In: Keijser N, Van Sliedregt E (eds)
The European arrest warrant in practice. Springer, Heidelberg, p 179
Pflaum I, Hateley E (2014) A bit of a problem: national and extraterritorial regulation of virtual
currency in the age of financial disintermediation. Georgetown J Int Law 45:1169–1215
Rafaraci T (2009) The principle of non bis in idem in the jurisprudence of the European Court
of Justice. In: Braum A, Weyembergh S (eds) Le contrôle juridictionnel dans l’espace pénal
européen. Éditions de l’Université de Bruxelles, Bruxelles, p 93 et seq
Rakoff JS (2014) The financial crisis: why have no high-level executives been prosecuted?, in
N.Y. Rev. Books, January 9, 2014. http://www.nybooks.com/articles/2014/01/09/financial-
crisis-why-no-executive-prosecutions/. Accessed 14 July 2018
Recchia N (2015) Il principio europeo del ne bis in idem tra dimensione interna e internazionale,
in Riv. Trim. dir. pen. cont., 3:71
Renzetti S (2017) Il diritto di difesa dell’ente in fase cautelare. Giappichelli, Torino
Robinson PH (2003) The virtues of restorative process, the Vices of “Restorative Justice”. Utah
Law Rev 375:384–385
Roth J, Greenburg D, Wille S (2004) National Commission on terrorist attacks upon the United
States: monograph on terrorist financing. Staff Report to the Commission, 82. https://govinfo.
library.unt.edu/911/staff_statements/911_TerrFin_Monograph.pdf. Accessed 18 July 2018
Ruggeri S (2013) Horizontal cooperation, obtaining evidence overseas and the respect for fun-
damental rights in the EU. From the European Commission’s proposals to the proposal for a
directive on a European investigation order: towards a single tool of evidence gathering. In: Id.
(ed) Transnational inquiries and the protection of fundamental rights in criminal proceedings.
A study in memory of Vittorio Grevi and Giovanni Tranchina, Springer, Heidelberg, p 279
et seq
Ruggiero RA (2015) Non Prosecution Agreements e criminalità d’impresa negli USA: il paradosso
del liberismo economico, in Dir. pen. cont., 12 October 2015
Ruggeri A (2019) Ancora un passo avanti della Consulta lungo la via del “dialogo” con le Corti
europee e i giudici nazionali (a margine di Corte cost. n. 117 del 2019) in Consulta Online,
Studi 2019/II, 242
Safjan M (2012) Areas of application of the Charter of Fundamental Rights of the European
Union: fields of conflict, in EUI Working Paper, 22: 3–6
Salazar L (2017) Habemus EPPO! La lunga marcia della Procura europea, in Arch. pen., 2017,
fasc. n. 3
Sarmiento D (2013) Who’s afraid of the charter? Common Mark Law Rev 50:1267–1304
Schomburg W (2012) Criminal matters: transnational ne bis in idem in Europe—conflict of juris-
dictions —transfer of proceedings, in ERA Forum, p 311 et seq
Scoletta M (2019) Il ne bis in idem “preso sul serio”: la corte EDU sulla illegittimità del doppio
binario francese in materia di abusi di mercato (e i possibili riflessi nell’ordinamento italiano),
in Dir. pen. cont., 17.06.2019
Simonato M (2011) The spontaneous exchange of information between European judicial authori-
ties from the Italian perspective. New J Eur Crim Law 2(2):220
Simonato M (2017) Two instruments but a difficult relationship? Some upcoming decisions of
The CJEU On The Ne Bis In Idem, in European Law Blog, November 15, 2017. https://euro-
peanlawblog.eu/2017/11/15/two-instruments-but-a-difficult-relationship-some-upcoming-de-
cisions-of-the-cjeu-on-the-ne-bis-in-idem/. Accessed 18 July 2018
Singh D (2015) The centralisation of European financial regulation and supervision: is there a need
for a single enforcement handbook? Eur Bus Org Law Rev 16:439–465
Slater D, Thomas S, Waelbroeck D (2008) Proceedings before the European Commission and
the right to a fair trial: no need for reform?, in Research Papers in Law, Cahiers juridiques,
No 5. https://www.coleurope.eu/system/files_force/research-paper/researchpaper5_2008.
pdf?download=1. Accessed 17 July 2018
Stokes R (2012) Virtual money laundering: the case of Bitcoin and the Linden Dollar. Inf Commun
Technol Law 21(3):221–236
Story J (1991) Commentaries on the constitution of the United States, 1833. Fred B. Rothman &
Co., Littleton
Strader JK (2011) Understanding White Collar crime, 3rd edn. Lexis Nexis, New York
Tapscott A, Tapscott D (2017) Blockchain revolution: how the technology behind bitcoin is chang-
ing money, Unabridged edition
Tesoriero S (2016) Processo penale e prova multidisciplinare europea in materia di illeciti finan-
ziari, in Riv. dir. proc., Novembre-Dicembre 2016, Anno LXXI (Seconda Serie) - N. 6:1540
Tison M, Vandendriessche E (2010) The ECJ decision in Spector photo group and the presumption
of use of inside information: a blessing for the administrative enforcement of market abuse in
the EU?, in Financial Law Institute Working Paper, No. 17
Tomkin J (2014) sub Article 50. In: Peers S, Hervey TK, Kenner J, Ward A (eds) The EU charter
of fundamental rights. Hart Publishing, Oxford, p 1373 et seq
Trechsel S (2005) Human rights in criminal proceedings. Oxford University Press, Oxford
Tricot J, Martìn AN (forthcoming) Monitoring of banking transactions and traffic data. In: Ligeti
K (ed) Toward a prosecutor for the European Union-Draft Rules of procedure, vol 2. Hart
Publishing, Oxford
Tröger TH (2012–2013) Organizational choices of banks and the effective supervision of transna-
tional financial institutions. Tex Int’I LJ 48:177, 178, 221
U.S. Senate Permanent Subcommittee on Investigations (2010) Wall Street and the financial crisis:
role of the regulators, S.Hrg. 111–672, April 16, 2010. https://www.gpo.gov/fdsys/pkg/CHRG-
111shrg57320/html/CHRG-111shrg57320.htm. Accessed 16 July 2018
U.S. Senate Permanent Subcommittee on Investigations (2011) Wall Street and the financial cri-
sis: anatomy of a financial collapse, April 13, 2011. https://www.gpo.gov/fdsys/pkg/CHRG-
U.S. Sentencing Commission (2016) 2016 Sourcebook of federal sentencing statistics.
Organisational sentencing practice. https://www.ussc.gov/research/sourcebook-2016.
Accessed 22 May 2018. Accessed 16 July 2018
Ubertis G (2009) Principi di procedura penale europea. Le regole del giusto processo, 2nd edn.
Raffaello Cortina Editore, Milano
Uhlmann DM (2013) Prosecution deferred, justice denied, in NYT, December 13, 2013
Van Bockel WB (2010) The Ne Bis in Idem Principle in EU law. Kluwer Law International, Leiden
Van Dijk P (2006) Right to a fair trial and public hearing (article 6). In: van Dijk P, van Hoof F, van
Rijn A, Zwaak L (eds) Theory and practice of the European convention on human rights, 4th
edn. Intersentia, Cambridge, pp 513–577
Veenbrink M (2015) The Privilege against self-incrimination in EU competition law: a deafening
silence? Leg Issues Econ Integrat 42(2):119–142
Vervaele JAE (2005) The transnational Ne Bis In Idem principle in the EU mutual recognition and
equivalent protection of human rights. Utrecht Law Rev 1(2):100
Vervaele JAE (2013a) European territoriality and jurisdiction: the protection of the EU’s financial
interests in its horizontal and vertical (EPPO) dimension. In: Luchtman M (ed) Choice of forum
in cooperation against EU financial crime. Eleven International Publishing, The Hague, p 173
Vervaele JAE (2013b) Ne Bis In Idem: towards a transnational constitutional principle in the EU?
Utrecht Law Rev 9(4):211
References 83
Vervaele JAE (2014) European criminal justice in the Post-Lisbon area of freedom, security
and justice, with a prologue by G. Fornasari and D. Sartori (eds) Quaderni della Facoltà di
Giurisprudenza, Trento
Vervaele JAE (2015) Schengen and Charter-related ne bis in idem protection in the Area of
Freedom, Security and Justice: M and Zoran Spasic. Common Mark Law Rev 52:1339–1360
Vervaele JAE (2017) Jurisdictional issues in transnational multi-agency and multi-disciplinary
investigations of economic and financial crimes. In: Franssen V, Ligeti K (eds) Challenges in
the field of economic and financial crime in Europe and the US. Hart Publishing, Oxford, p 167
Viganò F (2014) Doppio binario sanzionatorio e ne bis in idem: verso una diretta applicazione
dell’art. 50 della Carta? (a margine della sentenza Grande Stevens della Corte EDU) in Dir.
pen. cont., 30 giugno 2014
Viganò F (2016a) Ne bis in idem e doppio binario sanzionatorio in materia di abusi di mercato:
dalla sentenza della Consulta un assist ai giudici comuni, in Dir. pen. cont., 16 May 2016
Viganò F (2016b) La Grande Camera della Corte di Strasburgo su ne bis in idem e doppio binario
sanzionatorio. Corte EDU (grande Camera) sent. 15 novembre 2016, A e B c. Norvegia, ric. n.
24130/11 e 29758/11, in Dir. pen. cont., 18 November 2016
Viganò F (2017) Una nuova sentenza di Strasburgo su ne bis in idem e reati tributari, in Dir. pen.
cont., fasc. 5:394
Waelbroeck M, Frignani A (1997) “Concurrence”, in Commentaire Mégret, vol 4. ULB, Bruxelles
Ward A (2017) sub Article 51. In: Peers S, Hervey TK, Kenner J, Ward A (eds) The EU charter of
fundamental rights. Hart Publishing, Oxford, p 1413 et seq
Wasmeier M (2014) Ne Bis in Idem and the enforcement condition: balancing freedom, security
and justice? New J Eur Crim Law 5(4):534–555
Weyembergh A (2013) La jurisprudence de la CJ relative au principe ne bis in idem: une contribu-
tion essentielle à la reconnaissance mutuelle en matière pénale. In: The Court of Justice and
the construction of Europe: analyses and perspectives on sixty years of case–law. Springer,
Heidelberg, p 556
Weyemberg A, Galli F (eds) (2014) Do labels still matter? Blurring boundaries between admin-
istrative and criminal law. The influence of the EU. Editions de l’Université de Bruxelles,
Bruxelles
Wils W (2004) The combination of the investigative and prosecutorial function and the adjudi-
cative function in EC antitrust enforcement: a legal and economic analysis. World Compet
27(2):208
Zagaris B (2017) Prosecutors and judges as corporate monitors? The US experience. In: Franssen
V, Ligeti K (eds) Challenges in the field of economic and financial crime in Europe and the
US. Hart Publishing, Oxford, pp 19–56
Zagrebelsky V (2014) Le sanzioni Consob, l’equo processo e il ne bis in idem nella Cedu, in Giur.
It., p 1196 et seq
Zou S (2014) Bitcoin Laundromats for Dirty Money: the Bank Secrecy Act’s (BSA) inadequacies
in regulating and enforcing money laundering laws over virtual currencies and the internet.
J Law Cyber Warfare 3(1):103–142
Chapter 3
Strengthening Financial Investigation
and Supervision at the International Level
The financial matter is just one of the fields of law where issues traditionally dealt
with at the domestic level, are increasingly influenced by supranational and interna-
tional actors, due to the globalisation of large sectors of the financial economy.
Before getting into the analysis of banking supervision and investigation in the
EU and in the US, describing the international bodies active in this field, and espe-
cially their impact on domestic or regional systems, is necessary and useful for a
twofold purpose.
First, it gives reason of the international origin of most regulations (and obliga-
tions) concerning financial institutions and investigation that apply at the national
level, and explains why it is relatively easier to find common standards in this field
compared with other sectors of criminal law, also when it comes to procedural rules.
The phenomenon is especially evident in the EU, where the first form of semi-
federal (at least in the original intentions) criminal investigative body, the European
Public Prosecutor Office, was launched precisely to fight against transnational
financial crime.1
This “legal globalisation”, however, also implies that every kind of proposal to
reform financial legislation (broadly meant, both administrative and criminal) can-
not anymore be decided and developed exclusively at the national level, regardless
of the formal persistency of national sovereignty on the matter.
Recommendations and standards developed by international bodies, as will be
illustrated, have indeed acquired in this field a much more relevant role than that
formally attached to them.
1
Or at least of some forms of financial crimes, and precisely those affecting the financial interests
of the EU according to the PIF Directive (2017/1371), cit., participation in a criminal organisation
with that purposes, and those crimes “inextricably linked” to the previous, cf. Article 22, EPPO
Regulation (2017/1939), cit. See also above, Sect. 2.3.4.

https://doi.org/10.1007/978-3-030-12161-7_3
86 3 Strengthening Financial Investigation and Supervision at the International Level
The consequence is, that adopting a transnational approach in the financial and
banking matter has become basically unavoidable.
This perspective shall be kept in due account also when the analysis proceeds
from a criminal law point of view, since several substantial and procedural profiles
that apply in daily investigations and supervision, such as the definition of investiga-
tive and sanctioning powers, or rules concerning the dissemination of information,
are increasingly deriving from, or grounded on supranational legal bases. In order to
provide the necessary background for the legal analysis that will be subsequently
carried out, the Chapter proceeds as follows.
Section 3.1 introduces the role of “self-regulatory bodies” in influencing the
applicable financial legislation, both substantive (sanctions), and procedural (inves-
tigative measures), regardless of their lack of direct legislative or enforcing powers.
Sections 3.2 and 3.3 deal with the Financial Action Task Force, the most influential
international body in the field of financial investigations (especially in anti-money
laundering and terrorist financing), as well as with its Recommendations, that have
a relevant impact in banking inquiries. In this sense, the international network of
cooperation represented by the Financial Intelligence Units and the Egmont Group
will be also taken into account.
Section 3.4 deals with MONEYVAL, a self-regulatory body of the Council of
Europe with competence on money laundering, whose reports and evaluations rep-
resent a fundamental source in understanding which are the investigative powers
currently applied at the national level (also) in banking investigations, and the main
lacunas of national legal systems on the matter. Lastly, Sect. 3.5 deals with the Basel
Committee on Banking Supervision, which plays a fundamental role in setting sub-
stantive and procedural standards for banking regulators in crucial profiles relevant
also under a criminal law perspective, such as independence and sharing of
information.
3.1 The Essential Role of Self-Regulatory Bodies
The influence of international legal sources and bodies is a phenomenon that does
not concerns only the financial matter, but which may be observed in several areas
where the link between globalised economics (legal or illegal), and law is particu-
larly tight.
For instance, with specific regard to criminal law, a similar trend may be found
in the fight against financial crimes such as money laundering, financing of terror-
ism, fraud or corruption, as well as in other subject matters, like smuggling,
human trafficking and other crimes linked to migration flows, tax frauds, environ-
mental crimes, terrorism, organised crime, and cybercrimes, just to mention a
few.
The financial matter, however, is especially emblematic in this sense, as in this
field the interaction between economic and policy interests has brought not only to
the issuing of several international legal acts, but also to the establishment of a sig-
3.1 The Essential Role of Self-Regulatory Bodies 87
nificant number of international bodies originated from, or belonging to different

international organizations. Under the first profile, for the purpose of this work it is
worth to briefly recall the Conventions elaborated within the United Nations (UN)
or, at regional level, by the Council of Europe (COE) and the Organisation of
American States (OAS).
Even if mostly oriented towards specific forms of financial offences, like money
laundering, financing of terrorism and corruption, these Conventions have a major
impact on the general matter of banking investigation, providing both recommenda-
tions and rules concerning financial inquiries and supervisory proceedings. The ref-
erence especially goes to: The 1997 UN Declaration against Corruption and Bribery
in International Commercial Transactions,2 and the 2003 Convention in the same
field3; the 1988 UN Convention on Illicit Traffic of Narcotics, Drugs and
Psychotropic Substances4; the 2001 Convention against Transnational Organised
Crime,5 and the 2000 International Convention for the Suppression of the Financing
of Terrorism.6 Within the jurisdiction of the COE, the more notable texts are: The
2015 Additional Protocol to the Council of Europe Convention on the Prevention of
Terrorism7; the 2005 Convention on Laundering, Search, Seizure and Confiscation
of the Proceeds from Crime and on the Financing of Terrorism,8 and its previous
version of 19909; the 2001 Convention on Cybercrime10; the 1959 European
Convention on Mutual Assistance in Criminal Matters,11 and, of course, the
European Convention on Human Rights.12 Finally, the OAS contributed in approv-
ing the Inter-American Convention against Terrorism13; and Against Corruption14;
the Inter-American Convention on Mutual Assistance in Criminal Matters,15 and its
Optional Protocol.16
2
Adopted by General Assembly Resolution 51/191 of 21.02.1997.
3
Adopted by General Assembly Resolution 58/4 of 31.10.2003.
4
Adopted by the UN Conference of Vienna (25.11–20.12.1988), convened pursuant to Resolution
1988/8 of 25.05.1988 of the Economic and Social Council acting on the basis of the General
Assembly Resolutions 39/141 of 14.12.1984 and 42/111 of 7.12.1987.
5
Also known as Palermo Convention, adopted by General Assembly Resolution 55/25 of
15.11.2000.
6
Adopted by the General Assembly of the United Nations in Resolution 54/109 of 9.12.1999.
7
CETS 217, Riga, 22.10.2015.
8
CETS 198, Warsaw, 16.05.2005.
9
CETS 141, Strasbourg, 08.11.1990.
10
CETS 185, Budapest, 23.11.2001.
11
CETS 030, Strasbourg, 20.04.1959 and its Additional Protocol, CETS 099, Strasbourg, 1.3.1978.
12
CETS 005, Rome, 04.11.1950 and its numerous Protocols, see https://www.coe.int/en/web/con-
ventions/full-list/-/conventions/webContent/en_GB/7435985. Accessed 18 July 2018.
13
A-66, adopted at the second Plenary Session, held on 3.06.2002.
14
B-58, adopted at the third Plenary Session, held on 29.03.1996.
15
A-55, adopted at: Nassau, Commonwealth of Bahamas, 23.05.1992.
16
A-59, adopted at: Managua, Nicaragua, 6.11.1993.
While the amount of the sources produced by these bodies, and their complexity
do not allow them to be examined in detail here, as each of them could constitute the
subject of a separate dissertation,17 there is also another reason why Conventions do
not represent the focus of the international legal framework reconstructed in this
chapter: They are perhaps the most well-known sources of international law, whose
form as legislative texts makes their impact on domestic legal orders relatively
“easy” to foresee, and to identify.18
On the other hand, the influence of self-regulatory international bodies, also in its
domestic dimension, is far sneakier to detect, although not less decisive in shaping
national systems of financial supervision and investigation.
That is first because these organizations scarcely constitute a homogeneous cat-
egory, but, within the general label of “financial matter”, present different origins,
powers, and internal structures, and operate in specific areas of expertise. The refer-
ence goes, at the international level, to the Financial Action Task Force, and the
Egmont Group, with its national ramifications (the Financial Intelligence Units), as
well as the to Basel Committee on Banking Supervision; while, at regional
(European) level, to the Anti-Money Laundering and Anti-Corruption Committees
of the Council of Europe.
Secondly, the few common elements that characterize the action and impact of
these bodies at the domestic level possibly make the identification of their specific
influence in legal terms even more blurred. In general terms, the action of self-reg-
ulatory bodies consists mainly of three elements: (a) Setting of common rules, stan-
dards or guidelines; (b) monitoring over their implementation at the domestic or
regional level; and (c) creating a cooperation platform for national operators.
These actions are a circular mechanism: At the end of every monitoring cycle,
these organizations tend to issue new or revised recommendations, which may have
either general content, or being address towards single national problems in dealing
with specific lacunas. To carry out these goals, and especially their monitoring
tasks, self-regulatory bodies usually set reporting duties on their members, to
receive data concerning their specific area of expertise, and establish oversight
mechanisms that allow them to directly collect information.
These bodies, therefore, own a certain legislative competence to produce legal
texts relevant for their members, especially to promote cooperation at statutory and
practical level; however, they lack any direct binding enforcing power. Nonetheless,
and this is the main feature of self-regulatory bodies which distinguish them from
being simple cooperation networks, their position and reputation, based on high
For provisions relevant to real-time monitoring of banking records cf. Chap. 7.

17
And in this sense, they have since long been brought to the attention of the academic debate, see,
18
among others, McClean (2007), Hauck and Peterke (2016), Unger et al. (2014), Calderoni (2010),
and Commonwealth Secretariat (2006).
3.2 The Financial Action Task Force: Administrative Financial Supervision… 89
qualification and specialization at the international level, de facto confer them a

quasi-binding weight in shaping domestic legal orders and/or their functioning.19
Dealing with such “soft-powers” hence requires to be aware of the prominently
empirical nature of their impact on legal systems. Therefore where, as unfortunately
in most cases, data are lacking or insufficient, drawing a precise picture of the actual
influence exercised by these bodies becomes rather imprecise. This notwithstand-
ing, such difficulties cannot lead to simply ignoring the existence of self-regulatory
organizations. Even if tough to be exactly quantified, self-regulatory bodies are
among the main producers of international legal sources in the financial matter. The
compliance between the documents issued by these bodies, and domestic legislation
and practice, especially concerning complex and technical matters like banking
regulation, remains therefore of paramount importance.
The methods applied by self-regulatory bodies, in fact, allow them to softly push
their members towards a common implementation of rules and standards, whence
the creation of a quasi-binding harmonisation effect carried out at the international
level. Due to their capacity of gathering expert representatives from all over the
world, self-regulatory bodies are often also privileged platforms for launching chal-
lenging proposals in the international debate, providing for solutions that may be
later adopted at regional or national level. As it will be shortly described, that is for
instance what happened in the last few decades for the development of banking
prudential supervision regulations in the European Union.
3.2 T
he Financial Action Task Force: Administrative
Financial Supervision and Criminal Investigative
Measures
The Financial Action Task Force (FATF) is an independent inter-governmental body

representing the world major financial centres, that currently comprises 36 States
(including the US, and 15 EU Member States),20 and two regional organizations
(including the European Commission).21 Ruled by a Plenary, which meets three
19
Self-regulation has been defined as “The process by which an identifiable group of people, such
as licensed lawyers, govern or direct their own activities by rules; specif., an organization’s or
industry’s control, oversight, or direction of itself according to rules and standards that it estab-
lishes/Self-regulation is often subject to the oversight of various governmental agencies, such as
the Securities Exchange Commission and the Commodities Futures Trading Commission”, cf.
Garner (2014), p. 1475. See also Moloney (2012), p. 95.
20
BG, HR, CY, CZ, EE, HU, LV, LT, MT, PL, RO, SK, SI are not participating.
21
In addition, more than 20 international organisations participate with an observer status, includ-
ing: the European Central Bank, Eurojust, Europol, the International Monetary Fund, the
International Organisation of Securities Commissions, Interpol, the UN, the World Bank, the
World Custom Organization, the Basel Committee, and the Egmont Group, for a complete list, see
http://www.fatf-gafi.org/about/membersandobservers/. Through MONEYVAL, the FATF is also
associated with the Council of Europe.
times per year, the FATF operates under a fixed life span, requiring periodic political
mandates by its Members to continue its activity.22
The Task Force has been established in 1989 with the goal of examining and
developing measures to combat money laundering.23 After 9/11, the FATF scope has
been extended also to protect the global financial system from phenomena such as
the financing of terrorism, and the proliferation of weapons of mass destruction.24
The overall purpose of the Task Force is thus to improve the national resistance to
these criminal activities, and through that, contributing to protect the international
financial system as a whole.
To achieve so, the body identifies the vulnerabilities of national systems in these
fields of law, and promotes the implementation of international common guidelines
to suggest an effective and coordinated response to financial crimes at the investiga-
tive level.25
The first FATF International Standards on Combating Money Laundering and
the Financing of Terrorism & Proliferation, better known as the “Forty FATF
Recommendations” were issued in 1990, and afterwards completed with the Special
Recommendations against Terrorist Financing.26 These Standards, reviewed
throughout the years (lately in October 2018, to include definitions of “Virtual
assets”, and nowadays comprising a total of 49 Recommendations27), provide a legal
framework of rules and operational measures that all the States under FATF juris-
diction shall adopt and implement. Interestingly, the Recommendations have a
rather extended scope of application which, taking into account a realistic view of
the criminal risks connected to financial transactions, is not limited to financial
institutions,28 but addresses also Non-Profit Organisations, and professionals with
critical public profiles that place them both at risk of, and in a front line position to
22
The current mandate was adopted in 2012, cf. FATF (2012b), cf. also Interpol (2001), OECD
(2013).
23
Cf. G-7/8 Summit, Economic Declaration, Paris, 16.07.1989, at (16): “Financial activities are
being increasingly carried out with new techniques on a worldwide basis. As regards insider trad-
ing, which could hamper the credibility of financial markets, regulations vary greatly among our
countries. These regulations have been recently, or are in the process of being, strengthened.
International cooperation should be pursued and enhanced […] 53. Accordingly, we resolve to take
the following measures within relevant fora: […] Convene a financial action task force from
Summit participants and other countries interested in these problems. Its mandate is to assess the
results of cooperation already undertaken in order to prevent the utilization of the banking system
and financial institutions for the purpose of money laundering, and to consider additional preven-
tive efforts in this field, including the adaptation of the legal and regulatory systems so as to
enhance multilateral judicial assistance”. http://www.g8.utoronto.ca/summit/1989paris/communi-
que/drug.html. Accessed 19 July 2018. Cf. also Bradley (2014), p. 275.
24
Cf. FATF (2002), at (16).
25
Cf. FATF (2015), p. 7 et seq.
26
The first Eight Special Recommendations against Terrorist Financing were issued in October
2001; after a review in 2003, in October 2004 the FATF published a Ninth Special Recommendation,
for the last complete version of the Special Recommendations, see FATF (2001).
27
Cf. FATF (2012a). The Fifth MONEYVAL evaluation round is the first that takes into account the
2012 version of the FATF Recommendations.
28
Even in the widest interpretations previously illustrated, cf. Sect. 2.1.
3.2 The Financial Action Task Force: Administrative Financial Supervision… 91
fight financial crimes, such as lawyers, notaries, and other independent legal profes-
sionals and accountants (the so-called Designated Non-Financial Businesses and
Professions-DNFBPs).29
In terms of content, the Recommendations cover both the administrative and the
criminal systems of control over financial operators and transactions, providing in
each case basic (but not necessarily minimum) standards to guarantee efficiency in
the proceedings.
Under the first profile, the Task Force requires all its Members to establish ade-
quate and effective supervisory mechanisms over financial institutions, applying the
substantive principles of prudential oversight established by the Basel Committee
on Banking Supervision30 also for Anti-Money Laundering/Countering the
Financing of Terrorism (AML/CFT) purposes.31 To achieve so, the Standards
require its members high-Customer Due Diligence (CDD), prohibiting financial
institutions from keeping anonymous accounts, or accounts in obviously fictitious
names, for both physical and legal beneficiaries, and requesting to maintain all nec-
essary records for at least 5 years.32
The Recommendations also specify that, at minimum, national supervisors
should be able to exercise the investigative powers of conducting inspections over
financial institutions, and compelling the production of any relevant information
from the latter.33 In case the controlled subjects are failing to comply with AML/
CFT requirements, Recommendation (35) requests regulating authorities to be
granted the power to impose “effective, proportionate and dissuasive sanctions,
whether criminal, civil or administrative” on financial institutions, DNFBPs, and
natural persons with legally relevant positions, such as directors or senior
management.34
The range of available sanctions should not be limited to pecuniary fees, but shall
also include disciplinary measures, such as the power to withdraw, restrict or sus-
pend the financial institution’s license. Evidently, the possibility for supervising
administrative authorities to impose criminal sanctions, also towards natural per-
sons, raises several issues concerning the legal basis for such powers, the need to
respect the fundamental defence rights of the subjects under investigation, and the
capability of administrative authorities to do so given their structural difference
from the judiciary.
29
Cf. FATF (2012a), Recommendations (8), (22), (23), according to which DNFBPs are required
to comply with customer due diligence and record-keeping obligations only when they engage in
the relevant activities listed by the Recommendations (22) and (23), and involving the engagement
in financial transactions. The DNFBPs’ category includes: “(a) Casinos; (b) Real estate agents; (c)
Dealers in precious metals and dealers in precious stones; (d) Lawyers, notaries, other independent
legal professionals and accountants […]; (f) Trust and company service providers[…]”, see
Definitions, in FATF (2012a), p. 114–115.
30
See below, Sect. 3.5.
31
FATF (2012a), Recommendation (26).
32
FATF (2012a), Recommendations (10), (11) and (24), and their interpretive notes, p. 58 et seq.
33
FATF (2012a), Recommendations (27) and (35).
34
The FATF Standards are neither recognizing, nor providing solutions to these
problems: Indeed, their purpose is not to draft a complete supervisory regulation,
but only to furnish some leading bases for the effective protection of the financial
market. Nonetheless, the theme of whether such investigative and sanctioning pow-
ers, either criminal or otherwise punitive in light of the Engel case-law,35 shall be
conferred to administrative supervisory bodies, and possibly how they shall be exer-
cised, represent most debated issues in banking investigations, and the very the core
of the analysis on the recently-created Single Supervisory Mechanism in the
Eurozone carried out in this work.36
In addition to financial supervision, the FATF Standards also identify measures,
which should be available in all the State members when conducting AML/CFT
criminal investigations.
At least, competent authorities shall be able to obtain access to all relevant docu-
ments and information possessed by financial institutions, DNFBPs and other natu-
ral or legal persons, and to compel them to do so in case of refusal. The same
authorities shall also be able to rely on measures allowing them to identify, in a
timely manner, the actual subjects who are controlling accounts and assets without
prior notification to the owner(s), and to trace the same for preventative purposes,
and confiscation.37 Therefore, investigating authorities shall be able to exercise a
“wide range of suitable” investigative techniques, both traditional (generally already
present in most of legal orders), such as searching of persons and premises, and tak-
ing witness statements, and those whose availability and systemization is still highly
varying from country to country, like monitoring of wire transfers and wire-
tapping38; undercover operations; controlled delivery39; and cash couriers detec-
tion.40 Lastly, the Standards require that once suspicious accounts have been
identified, competent authorities shall be able to seize, freeze, and confiscate crimi-
nal property and proceeds.41
These Recommendations exercise a relevant influence in several fields of proce-
dural criminal law.
First, their implementation called for a reduction, de facto a repeal, of secrecy
law applied to financial institutions and DNFBPs, as business secrecy or confiden-
tiality should not constitute a legal ground for refusing to execute a request for
mutual legal assistance on these matters, “except where the relevant information
that is sought is held in circumstances where legal professional privilege or legal
35
See Sect. 2.3, in general terms, and Sect. 6.3 with regard to the sanctioning powers applicable in
banking supervision in the EU (Single Supervisory Mechanism, and CRD IV).
36
For the reasons at the basis of the Mechanism and its investigative and sanctioning powers, see
Chap. 4; for its analysis in light of Basel Standards and fair trial rights, see Chap. 6 (Sects. 6.1.1
–6.1.3).
37
Cf. FATF (2012a), Recommendations (4), (16), (30) and (31).
38
FATF (2012a), Recommendations (30) and (31). Cf. also Chaps. 7 and 8.
39
FATF (2012a), Recommendation (31).
40
FATF (2012a), Recommendation (32) and Special Recommendation IX.
41
FATF (2012a), Recommendations (4), (6), (16) and (30).
3.3 Financial Intelligence Units and the Egmont Group 93
professional secrecy applies”–a distinguishing which is not always easy to outline,

especially in case of internal organization legal service.42
Second, the action of the Task Force represents an influential incentive for the
introduction of common investigative measures, where not already provided at
domestic level; in this sense, however, the Standards are only exercising a “soft”
binding effect, as they still require a political decision at national level to be
implemented.
Lastly, the FATF constant monitoring over the territories under its jurisdiction,
where the Task Force actively pushes for strengthening cooperation networks
among national competent authorities and achieving the free movement of the infor-
mation so obtained, plays a substantial role also in the daily application of investiga-
tive measures already established at domestic level. Indeed, FATF reports are
fundamental in providing an external and comprehensive view on current investiga-
tive legal frameworks and practice worldwide, and in highlighting limits and lacu-
nas of the current implementation, both in a national and in a transnational
perspective.
3.3 Financial Intelligence Units and the Egmont Group
International cooperation is perhaps the field in which self-regulatory bodies reveal

their utmost importance, and the Financial Action Task Force is no exception to that.
To reinforce the transnational AML/CFT networking among State members, the
FATF Standards require to establish specialized and multi-disciplinary joint inves-
tigative teams at the national level, and to provide “adequate legal basis” for the
national competent authorities to apply all the recommended investigative measures
not only in domestic inquiries, but also in responding to the “widest possible range”
to mutual legal assistance requests.43 In realizing these cooperation practices, the
Task Force’s action is deeply connected with another major international organiza-
tion, in which the FATF holds an observer status: The Egmont Group of Financial
Intelligence Units. Created in 1995, this network represents the meeting point of the
national Financial Intelligence Units (FIUs).
As defined by Recommendation (29), a FIU is an agency that “serves as a national
centre for the receipt and analysis of: (a) suspicious transaction reports; and (b)
other information relevant to money laundering, associated predicate offences and
terrorist financing, and for the dissemination of the results of that analysis”.44 FIUs
42
Cf. FATF (2012a), Recommendations (9), and (37(d)). The critical problems arising from profes-
sional, and legal professional secrecy in the context of banking supervision in the Eurozone (Single
Supervisory Mechanism), although not representing the focus of this work, are identified and
briefly discussed in Sects. 6.1.3 (cooperation), and 6.3.5 (privilege against self-incrimination). For
residual value of bank secrecy law cf. Sect. 7.1.
43
FATF (2012a), Recommendations (2), (29), (30), (36), (37), (38) and (40).
44
FATF (2012a), Recommendation (29) and its interpretive note, p. 95 et seq.
may be established according to different models, often but not necessarily combin-
ing their functions to those of authorities already responsible for combating money
laundering and terrorist financing under national or supranational legislation.45
Against this background, some States assigned FIU’s competence to administra-
tive authorities. That is the case, for instance, of France (Traitement du renseigne-
ment et action contre les circuits financiers clandestins-TRACFIN); Spain (Servicio
Ejecutivo de la Comisión de Prevención del Blanqueo de Capitales e Infracciones
Monetarias-SEPBLAC); Italy (Unità di Informazione Finanziaria della Banca
d’Italia-UIF), and the US (Financial Crimes Enforcement Network-FinCEN).
An administrative nature usually allows FIUs to share the information collected
with every other kind of Financial Intelligence Unit, without major legal issues for
its dissemination. Administrative-type FIUs also are generally placed in optimal
positions to get information from financial institutions, especially if the Unit is
located within central banks or other regulatory agencies. Indeed, in this way, it is
easier for FIUs to appear as a “neutral” and technical interlocutor for the reporting
parties, facilitating financial institutions to put trust in their activity,46 although their
proximity with the banking industry (from which is likely most of their personnel
coming from), and the following potential conflicts of interest inherent to it, are not
to be underestimated.47
This type of Units, moreover, are lacking judicial coercive powers of investiga-
tion. Their task is usually limited to the receipt, analysis and dissemination of suspi-
cious information, without any possibility of directly adopting restrictive measures
such as freezing of transactions.48 Accordingly, crimes discovered during regulatory
activity cannot be dealt with directly by these FIUs, as criminal prosecution falls
outside of their competence. After having substantiated a suspicion, they have to
refer it to the authorities in charge of criminal investigations, and if the latter are not
timely executed, that may result in a substantial delay of the prosecution.
Lastly, rules applicable in administrative proceedings substantially vary from
country to country: This may bring to very divergent outcomes even in analysing
similar factual circumstances, and thus impair an effective transnational AML/CFT
response.
45
The designation of an AML authority has been required in the EU since the First AML Directive,
see Council Directive 91/308/EEC on prevention of the use of the financial system for the purpose
of money laundering of 10.06.1991. For the impact of such choices in real-time monitoring of
banking records, see Sect. 8.3. For a complete analysis of the FIUs models and system, see also
International Monetary Fund & World Bank (2004), p. 10 et seq.
46
International Monetary Fund & World Bank (2004), p. 11; FInCEN (2012).
47
The risk of such a proximity with the banking industry, for instance, has been proved dramati-
cally concrete with regard to banking supervisors in the outbreak of the 2006–2008 financial crisis.
For an analysis of this profile, see below, Sect. 6.1.1.
48
But this is not necessarily the case of all administrative-type of FIUs, see e.g. the Italian FIU, that
is conferred the power to freeze suspicious operations (for AML or CFT purposes) for a maximum
of five working days, cf. Article 6(7)(c) of Legislative Decree no. 231 of 21.11.2007 (implement-
ing Directive 2005/60/EC).
Other countries, such as Germany (Bundeszollverwaltung-ZOLL), and the UK

(National Crime Agency-NCA), opted for a law-enforcement type of FIU. Also for
this kind of agencies pro and cons are multiple. From one side, they are relatively
easy to establish, since they may be based on existing and operational police infra-
structures. Thanks to their position, these FIUs can also provide a quicker repressive
reaction for serious crimes discovered in the course of the supervision, even if that
requires the launching of a formal investigation. In addition, information collected
by law-enforcement FIUs may be easily exchanged worldwide through already
existing networks, such as Interpol, Europol, or other intelligence services.
On the other side, however, these kind of FIUs naturally tend to be more effective
in investigations than in preventive oversight. First, they are usually referred suspi-
cious financial transactions only above a fixed threshold, and thus analyse just the
more serious misconducts. Second, these FIUs are often lacking the technical skills
necessary to effectively deal with highly specialized financial operations and data,
or require relevant investments in terms of resources and time to achieve such goal.
Lastly, not being originally part of the financial systems, law-enforcement FIUs also
need to build their reputation among financial institutions, to win their trust and
establish effective cooperation: Another step which may require long time, and
efforts before being achieved.
Both administrative and law-enforcement type of FIUs share a common weak
point: Being usually placed in the executive, the outcome of the activity of these
agencies might be influenced by political considerations or convenience, rather than
being guided by independent criteria.
In order to avoid this problem, some States, such as Luxemburg (Cellule de
Renseignement Financier-CRF), conferred FIU’s competence directly to a judicial
authority. That allows FIUs to act independently from political interference, imme-
diately start criminal investigations and, if needed, adopt coercive measures (such as
searching and seizing funds; freezing of accounts; and issuing detention orders). In
return, these judicial Units might run into legal difficulties in exchanging informa-
tion with non-judicial FIUs, and share the same reputational and expertise disadvan-
tages of the law-enforcement type.
Lastly, some other countries, including Jersey (Jersey States of Jersey Police/
Joint Financial Crimes Unit-FCU) and Denmark (Hvidvasksekretariatet
Stadsadvokaten for Særlig Økonomisk Kriminalitet/Hvidvasksekretariatet–SØK/
HVIDVASK), opted for the creation of hybrid models, whose specific characteristics
depend on the combinations of the features selected among the paradigms illus-
trated above.
Clearly, none of these models is per se exempt from criticism.
For instance, judicial and law-enforcement FIUs may, in the first place, heavily
suffer in terms of efficiency to get the information from the banking sector, and to
timely analyse it, until they have built up a very technical expertise in financial pru-
dential regulations for their personnel (which requires significant deployment of
resources). On the other side, administrative or hybrid models leave fundamental
issues without an answer, such as which should be the conditions under which it is
possible to transfer potential evidence from a FIU to the judicial authorities,
e specially (but not exclusively) with regard to the privilege against self-incrimina-
tion, when a FIU is requesting a subject to provide potentially incriminating infor-
mation.49 The theme becomes pivotal considering that in many jurisdictions, as it
will be further examined, it is precisely non-judicial FIUs which–within their com-
petence–are entitled to apply particularly pervading investigative measures, such as
real-time monitoring of financial records.50
The main asset of the FIUs’ system, however, relies on their capability of inter-
acting with each other on a worldwide scenario within the structure given by the
Egmont Group. Currently, the Group counts 158 members, including the FIUs of
the United States, and of all the European Union Member States, but the number is
expected to grow in the next years, since its subscription has become mandatory for
all FIUs since 2012.51
Thanks to the Egmont Group, FIUs may reciprocally exchange financial infor-
mation on a global dimension, stemming from suspicious or unusual transaction
reports and other disclosures of the financial sector, to government administrative
data, and public record information. Exchange of information among FIUs may
happen spontaneously, or upon requests founded on appropriate legal basis (such as
bi-and multilateral agreements, or Memoranda of Understanding).52 Through its
activity, the Group’s aim is to promote the free movement of information, and the
protection of confidentiality among the FIUs, irrespective of the existing differences
among national legal systems.53
To strengthen and promote cooperation, the FATF Standards require financial
institutions and DNFBPs to report to their national FIU any suspicion on potential
relations of funds and criminal activities; granting them, at the same time, criminal
and civil law immunity for the duly disclosure.54 In particular, these entities shall
refer information such as: “The identity of the accountholder and of the other sub-
jects authorized to operate the account; the beneficial owner and, in relation to legal
persons and arrangements, the ownership and control structure; the type and amount
49
On the need to respect “core” procedural fair trial rights in the dissemination of evidence between
administrative and criminal proceedings, see Sect. 6.1.3; for an analysis of the critical issues con-
cerning the privilege in the sanctioning proceedings of the Eurozone banking supervisor (the
Single Supervisory Mechanism), cf. Sect. 6.3.5.–6.3.6.
50
Cf. Sect. 7.5.
51
For a complete overview on the governance of the Group and its structure, see Egmont Group of
Financial Intelligence Units (2013b). The list of members and observers (including organizations
such as FATF, IMF, UN, World Bank, OCSE, MONEYVAL) may be found at: https://www.
egmontgroup.org/en/membership/list. Accessed 16 June 2019.
52
See Egmont Group of Financial Intelligence Units (2013c; 2000; 2018).
53
Egmont Group (2013a), at (3) and (6); Egmont Group (2013b), at (3). Meetings are also used to
encourage the exchange of practices and expertise, and to provide training to the FIUs’ officials for
the specific tasks required by financial investigations. With the aim of facilitating continuous coop-
eration, the Egmont Group has also established a secure Internet encrypted system (the Egmont
Secure Web-ESW), which permits its members to communicate with one another via secure e-mail,
cf. Egmont Group (2013a), at (9); Egmont Group (2013b), at (3.3). On the importance of training
and specialization in financial criminal law, see also Franssen and Ligeti (2017), p. 7.
54
of the transactions performed as well as the counterparts involved; for wire trans-
fers, information on the payer and the beneficiary; the nature and purpose of the
activities conducted by the customer; and any other information gathered in the
Customer Due Diligence process”.55
As long as that is necessary to properly undertake their functions, FIUs shall also
be able to obtain information from sources other than financial institutions, such as
law-enforcement agencies.56
In order to nurture reciprocal trust, and to the extent possible, when a FIU is
requesting information from a counterpart, it shall disclose the reasons for the
request and the purpose for which the information will be used.57 Generally, to facil-
itate cooperation, the Egmont Group requires the FIUs to “grant prior consent to
disseminate the information” to other competent authorities, but refusal is allowed
as long as it is “appropriately explained”.58
While secrecy law cannot constitute a ground for refusal, a cooperation request
may be denied in case the issuing FIU is not able to guarantee an adequate protec-
tion of confidentiality.59 A FIU may also refuse to provide information towards
those national agencies which are lacking reciprocity, or where inadequate coopera-
tion practices are recurring.60 In any case, according to the Standards, sharing of
information shall not be impaired neither by the different nature of the FIUs, nor by
the contemporary undergoing of criminal or administrative proceedings in the
requested State, unless that would hinder the investigation–thus leaving some mar-
gin of appreciation to the authorities concerned.61
Cooperation could also be refused if granting the information would be in a clear
disproportion to the “legitimate interests of a natural or legal person or the State of
the providing FIU, or would otherwise not be in accordance with fundamental
55
Egmont Group (2013a), at (48).
56
FATF (2012a), Recommendation (29) and its interpretive note, esp. p. 96 at (13) “countries
should ensure that the FIU has regard to the Egmont Group statement of purpose and its Principles
for Information Exchange Between Financial Intelligence Units for Money Laundering and
Financing of Terrorism Cases (these documents set out important guidance concerning the role and
functions of FIUs, and the mechanisms for exchanging information between FIUs)”. This objec-
tive has been implemented at EU level by Article 1, EC Council Decision 2000/642/JHA of
17.10.2000 concerning arrangements for cooperation between financial intelligence units of the
Member States in respect of exchanging information, following the conclusions of the Tampere
European Council Meeting of 15 and 16.10.1999: Creation of an Area of Freedom, Security, and
Justice, Presidency Conclusions, at (54); European Council, The Prevention and Control of
Organised Crime: a European Union Strategy for the beginning of the New Millennium (2000/C
124/01), at (54).
57
Egmont Group (2013c), at (20). For the requests, FIUs may use templates provided by the
Egmont Group itself, see Annex A and B, Egmont Group (2013a).
58
Egmont Group (2013c), at (26).
59
Egmont Group (2013c), at (25) and (24), lett. b). For a brief analysis on professional secrecy in
the cooperation in the Eurozone banking supervisory system, see Sect. 6.1.3.
60
Egmont Group (2013c), at (27).
61
Egmont Group (2013c) at (24), lett. c–d), and Egmont Group (2013a), at (30).
p rinciples of its national law”.62 In any case, the use of the information received by
a FIU is restricted to the scope of application of its AML/CFT provisions, and shall
not exceed the purposes for which it was sought or provided. Dissemination for
further purposes is not prohibited, but that requires the prior authorization of the
requested FIU.63
All these rules have a direct impact only on the relation among national FIUs;
however, their influence goes far beyond the scope of application of the Egmont
Group. Indeed, enforcing forms of effective cooperation among different jurisdic-
tions, which means creating a network in which parties may trust each other, indi-
rectly requires national authorities to implement adequate, and at least partially
harmonized, mechanisms to exchange information, rules, and guarantees, whose
scope of application is not necessarily restricted to the fight against money launder-
ing and financing of terrorism.
3.4 E
nsuring Common Standards Against Financial Crime
at Regional Level: The Council of Europe
At regional level, the contribution of the European Convention on Human Rights

and the Court in Strasbourg to the development and the implementation of civil,
political and social rights scarcely needs any presentation. The Convention, how-
ever, is not the only tool through which the Council of Europe (COE) is acting in the
field of crime prevention and control. Oversight tasks, for instance, are allocated to
several specialized subcommittees under the responsibility of the COE’s Committee
of Ministers.64 In the field of criminal financial investigations, the most relevant self-
regulatory body is the Committee of Experts on the Evaluation of Anti-Money
Laundering Measures and the Financing of Terrorism (MONEYVAL), established
in 1997.
Within its scope of application, this Committee aims at enabling the Council to
identify, and make up for areas of non-compliance with international and regional
standards, gathering data, and elaborating comparative analyses on national legisla-
tion and investigative practices. Using relevant international and supranational leg-
islation as parameters for its assessments, and its monitoring powers to urge
62
Egmont Group (2013c).
63
Egmont Group (2013c), at (26) and (32); Egmont Group (2013a), at (18); Egmont Group
(2013b), at (3).
64
The Committee is the decision-making body of the COE, composed by the Ministers for Foreign
Affairs of the member States and organized in several thematic subcommittees, such as the
European Committee on Crime Problems (CDPC), competent on intergovernmental legal coopera-
tion, and entrusted with the power to elaborate conventions, recommendations and reports; the
European Committee on Legal Co-operation (CDCJ), whose mission is to draw up common stan-
dards, and foster legal cooperation among the 47 Members of the Council; the Justice and Legal
Cooperation Department, which supports in the training of professionals; and the Group of States
Against Corruption (GRECO).
3.4 Ensuring Common Standards Against Financial Crime at Regional Level… 99
Members in implementing the measures required, this body is promoting the dis-
semination of common rules and guarantees at transnational level. However, unlike
the FATF or the Basel Committee, recommendations issued by MONEYVAL are
always targeted to the legal system examined, and do not aim at establishing general
rules and criteria.
Currently MONEYVAL is responsible for 34 jurisdictions, and counts numer-
ous participants with an observer status, such as the European Commission, the
Secretariat General of the Council of the European Union, Interpol, the FATF
Secretariat, the UN, the Egmont Group, the IMF, and the World Bank. The
Committee exercises functions partially complementary to the FATF’s, since it
has jurisdiction only over those Members of the Council of Europe which are not
part of the Financial Action Task Force, or which nonetheless requested to con-
tinue to be evaluated by the Committee. MONEYVAL also extends its action to
the three UK Crown Dependencies of Guernsey, Jersey, and the Isle of Man and
Gibraltar—which possess a high relevance in the management of the financial
market, all three being tax havens—and even to some States which are not mem-
bers of the COE, such as the Holy See and Israel.65 Similarly to the FATF, with
which it strictly cooperates, the Committee is entrusted with the monitoring of
domestic legal systems, and in particular of mechanisms countering money laun-
dering and terrorist financing: MONEYVAL assesses their compliance with the
relevant international standards on the matter, namely the FATF Standards; the
1988 UN Convention on Illicit Traffic of Narcotics, Drugs and Psychotropic
Substances; and the 2000 UN Convention Against Transnational Organised Crime.
MONEYVAL also monitors the implementation of some legal sources issued by
the same Council of Europe, such as the 1990 and the 2005 Conventions on
Laundering, Search, Seizure and Confiscation of the Proceeds from Crime, as well
as of the EU AML directives.66
Since 1998, the Committees’ assessment process is structured in mutual evalua-
tion cycles,67 or rounds that are periodically launched. These records are carried out
according to specific sets of Rules of Procedure, revised with the same frequency to
keep up with the necessities of the inquiries, and the development of legislations.68
65
According to Article 2.2a, 2.2b, 2.2e of Resolution CM/Res (2010) 12 on the MONEYVAL
Statute. See also Resolution CM/Res (2011) 5 for the Holy See; and Resolution CM/Res (2012) 6
for the UK Crown Dependencies. The complete list of members and observers may be found at:
https://www.coe.int/en/web/moneyval/moneyval-brief/members. Accessed 16 June 2019.
66
So far the last EU parameter adopted during the evaluations of the Committee is the Third AML/
CFT Directive, cf. Directive 2005/60/EC of 26.10.2005 on the prevention of the use of the financial
system for the purpose of money laundering and terrorist financing. The Fourth AML/CFT
Directive has not yet been taken as a parameter in the action of MONEYVAL.
67
First round (1998–2000): evaluated 22 Member States; Second round (2001–2004): Evaluated
27 member States; Third round (2005–2009): Evaluated 28 member States, the Holy See and
Israel; Fourth Round (2009–2015): Evaluation to be finalized; Fifth round (2015–2021): On-going.
68
See MONEYVAL (2017), last revised in September 2017. The evaluation takes also into account
the Methodology for Assessing Compliance with the FATF Recommendations and the Effectiveness
of AML/CFT Systems.
At every cycle, the Committee is examining only part of the countries under its
jurisdiction, sending them questionnaires about their legislative and regulatory con-
texts and related statistics. In addition, MONEYVAL is directly conducting part of
the examination, through inspecting teams which are meeting with competent
governmental and law-enforcement agencies, regulators, prosecutors, and represen-
tatives of the private sector and of non-governmental organisations. Notably, the
Fifth round, currently underway, is the first evaluation for which is it provided a
length of at least two weeks of on-site visits for each State, instead of the previous
8-days maximum length. When the evaluation is concluded, the teams draft a report,
that is discussed with the affected State before its submission to the Committee for
the official adoption. Even after this phase, MONEYVAL may require countries
involved in the evaluation process to submit progress reports describing new mea-
sures that have been put in place to comply with the suggested remarks. If progress
is not considered sufficient, the Committee may take further steps, including the
imposition of Compliance Enhancing Procedures (CEPs),69 articulated in several
progressive steps,70 which last until the actions taken by the State Member are
judged as satisfactory.
3.5 E
nsuring Effective Banking Oversight: The Basel
Committee on Banking Supervision
In 1975, after the breakdown of the Bretton Woods system,71 central bank governors
of the G10 countries founded the Basel Committee on Banking Supervision (BCBS),
with the aim of enhancing financial stability worldwide, by improving supervisory
knowhow and quality of banking regulation.
Currently the BCBS membership covers 28 jurisdictions—including the EU and
nine of its Member States, the US, Russia and Switzerland—all represented in the
Committee by their central banks and, where different, also by the authority
69
The CEPs process may be applied as a result of a plenary decision, in a meeting with delegates
from State members, two FATF member States, representatives of observer States, organisations
and institutions or bodies. MONEYVAL’s plenary meetings take place in Strasbourg thrice per
year, cf. Resolution CM/Res (2010) 12. In 2014 Lithuania and Bosnia and Herzegovina were sub-
ject to the procedure, cf. MONEYVAL (2015), p. 32. For an updated overview of the measures
adopted by the members, see Idem, Appendix 3, p. 53. MONEYVAL is also carrying out horizon-
tal reviews, in which the countries are examined under a specific perspective, e.g. payment of
ransoms, financing of terrorism, just to mention the more recent.
70
Cf. MONEYVAL (2017).
71
Created in 1944, the system established commercial and financial rules for the US, Canada,
Western Europe, Australia and Japan, until its dismemberment in the early 1970s, when the US put
an end to the link between dollar and gold. Bretton Woods was the first example of a negotiated
monetary order among independent States, operating through the establishment of fixed exchange
currency rates.
3.5 Ensuring Effective Banking Oversight: The Basel Committee on Banking… 101
responsible for banking prudential supervision.72 Since its creation, the Basel
Committee has been designed as a forum for regular cooperation on the matter of
banking regulation, with the goal of closing the gaps in international supervisory
coverage “so that (i) no foreign banking establishment would escape supervision;
and (ii) supervision would be adequate and consistent across member jurisdictions”.73
In order to achieve so, the BCBS periodically sets minimum common standards
for banking supervision, sharing approaches and techniques to improve coopera-
tion, and helping identifying risks in the global financial market. To improve the
resilience of the global banking system, since 2012 the Committee has also begun
to actually monitoring the implementation of its standards and guidelines within its
jurisdiction.
As a self-regulatory body, the legal texts issued by BCBS do not possess legal
binding value; nonetheless, they historically exercised a great influence in shaping
banking supervisory regulations, both at national and at the supranational level, to
the point that they are often literally “transposed” in domestic legislation. The
Committee’s action mainly affects the areas of banking supervision, and banks’
capital requirements, where it plays a fundamental role in defining comprehensive
approaches to control the risk of banking activity, above all concerning capital
requirements.
The first Basel Capital Accord, or Basel I, was approved by the G10 Governors,
and released to banks in July 1988, followed by several revisions until 1997.74 By
September 1993, the requirements provided in the Accord, and especially the mini-
mum ratio of capital to risk-weighted assets were met by all G10 countries’ banks,75
and introduced in most other countries with active international banks. In what was
then called the European Economic Community, the Accord was used as the basis
for the amendment of the First and the issuing of the Second Banking Directive.76
In 1999, the Committee published a proposal for a new framework to replace the
first agreement, which, in 2004, led to the release of the Revised Capital Framework
or Basel II.77 The new standards were structured in three pillars, covering: Minimum
capital requirements (an expansion of the 1988 version); supervisory review of the
institutions’ compliance with the standards required (incentivizing cooperation
among competent authorities); and effective disclosure of information to banking
regulators. In 2006, with the cooperation of the International Organization of
Securities Commissions (IOSCO), the text was integrated to encompass not only
72
The EU Member States are: BE, DE, ES, FR, IT, LU, NL, SE, UK. The European Banking
Authority, the European Commission, and the International Monetary Fund are among BCBS
observing members. For a complete list of the members, see http://www.bis.org/bcbs/membership.
htm. Accessed 16 June 2019.
73
Cf. BCBS (2014c), p. 1.
74
BCBS (1988).
75
BE, DE, FR, DE, IT, NL, SE, UK, Canada, Japan, Switzerland, and the US.
76
Cf. First Council Directive 77/780/EEC, and Second Council Directive 89/646/EEC, cit.
77
BCBS (2004).
banking books, but also banks’ trading books.78 In the same year, without relevant
changes, Basel II was transposed at the EU level through Directive 2006/48/EC.79
In September 2008—the same month when the mispricing of credit and liquidity
risk, and the engagement in junk securities burst into the collapse of Lehman
Brothers, and the outbreak of financial crisis in the US—the Basel Committee
issued again a new text, trying to address the dissemination of “deplorable” gover-
nance practices into the banking sector, such as disproportion between the banking
leverage in the financial market, inappropriate structures and liquidity buffers, and
poor risk management.80 At the end of 2010, a new comprehensive proposal to
strengthen the previous regulatory framework, known as Basel III was issued. The
Accord had to be fully implemented, respectively, by 2015 for the part concerning
new capital requirements, and by 2017 for what regards compliance procedures.81 In
2013, the new agreement was introduced as part of the EU legislation, and made
compulsory for all credit institutions licensed, or operational within the territory of
the Union, through the already mentioned Fourth Capital Requirements Directive
(CRD IV), and Regulation (CRR).82
For the scope of this work, however, even more relevant is the contribution pro-
vided by the BCBS in the field of banking oversight, where the Committee has also
formulated a detailed set of rules and standards, to be implemented in the legislative
systems of the participating jurisdictions.
The 29 Core Principles for Effective Banking Supervision, first published in
1997, and then revised in 2012 deal with multiple profiles concerning banking
supervision, from powers, responsibilities and functions of the supervisory agen-
cies, to the set of requirements for assessing the compliance with the standards of
prudential regulation.83 To this end, the document provides for both bare rules
(Principles), and their interpretative criteria (Essential Criteria).
As far as the internal structure of supervisors is concerned, Principle 2 requires
national regulators to be independent and accountable, meaning both being granted
adequate resources and budgetary autonomy, and lacking any governmental or
industry interference in the decision-making process. In particular, to be granted
“full discretion to take any supervisory actions or decisions on banks and banking
groups under its supervision”, the governing body of a supervisor should be “struc-
tured to avoid any real or perceived conflicts of interest”, and furnished with specific
rules on how to prevent those phenomena to happen.84
78
BCBS (2006).
79
Directive 2006/48/EC of 14.06.2006 relating to the taking up and pursuit of the business of credit
institutions.
80
BCBS (2008).
81
See BCBS (2010), and BCBS (2013). For the implementation of Basel III see also BCBS
(2014b).
82
Directive 2013/36/EU, and Regulation No. 575/2013, cit. Cf. also BCBS (2014a).
83
Cf. Principle 1 – Essential Criterion 1, and Principle 8, BCBS (2012). Cf. Tröger (2012–2013),
p. 200 ff; Bradley (2014), p. 272.
84
Cf. Principle 2 – Essential Criteria 1, 4, 5, 6. Analysing the compliance with this Principle of the
Single Supervisory Mechanism, and US banking regulators, Sect. 6.1.1.
3.5 Ensuring Effective Banking Oversight: The Basel Committee on Banking… 103
According to Principles 3, supervisory authorities should also be integrated in a

fully operational and effective cooperation network, where to share information
with other domestic authorities responsible for the safety and soundness of banks,
other financial institutions and/or the stability of the financial system.85 Within this
system, the need for confidentiality should be safeguarded through limitations in the
use of the received information, that shall be restricted only to supervisory pur-
poses, unless full disclosure is due to the law or to a court order.86
Finally, following Principle 11, banking supervisors shall be involved together
with other relevant national authorities in the decision-making process concerning
particularly critical phases for credit institutions, such as restructuring, mergers, and
closure of banks.87
The Core Principles also outline the basic investigative power that should be
available to banking supervisors in fulfilling their mandate.
In particular Principles 1, 9 and 10 require supervisors to: Have full access to the
bank files and records, also related to personnel at all levels (including internal man-
agement information); review of the banks’ overall activities, also with regard to
those exercised abroad and/or by parent and affiliated companies; and perform on-
and off-site inspections.88 Banking supervisors shall also be granted access to a wide
variety of data and information produced by third parties and concerning banking
activity such as “prudential reports, statistical returns, information on a bank’s related
entities, and publicly available information”, which may be used for oversight deci-
sions if deemed sufficiently reliable. In any case, supervisors retain the power to
request clarifications and additional information directly to credit institutions.89
If banks are not complying with laws or regulations, or are likely to be engaging
in unsafe or unsound practices or actions for the banking system, or when the inter-
ests of depositors are otherwise threatened, banking supervisors should be granted
an “adequate range” of sanctioning powers “to bring about timely corrective actions”
both towards financial institutions, their organs and the individuals therein.90
In particular, according to Principle 11, they should be able to impose measures
such as: Restricting the current activities of the bank; imposing more stringent pru-
dential limits and requirements; withholding approval of new activities or acquisi-
tions; restricting or suspending payments to shareholders or share repurchases;
restricting asset transfers; ring-fencing91; barring individuals from the banking
85
Cf. Principle 3 – Essential Criterion 1. Analysing the compliance with this Principle in banking
supervision Sects. 6.1.2 (US banking regulators) and 6.1.3 (Single Supervisory Mechanism).
86
Cf. Principle 3 – Essential Criterion 4.
87
88
Cf. Principle 1 – Essential Criteria 5,7; Principle 9 – Essential Criterion 1; Principle 10 –
Essential Criteria 6,7. Analysing the Single Supervisory Mechanism investigative powers, Sect.
4.4.3.; for the US regulators, see Sects. 5.2 and 5.3.
89
90
Cf. Principle 1 – Essential Criterion 6; Principle 11 – Essential Criteria 2, 5.
91
Ring-fencing occurs when a portion of a company’s assets or profits are financially separated
without necessarily being operated as a separate entity. This is done mainly to protect consumers
from the risk of open market activities of the parent company.
s ector; replacing or restricting the powers of managers, Board members or control-

ling owners; facilitating a takeover by or merger with a healthier institution; provid-
ing for the interim management of the bank; and revoking or recommending the
revocation of the banking license.92
In the exercise of these prerogatives, supervisors should follow an assessing pro-
cedure, which provides for some guarantees to the interested subject(s), and allows
them to participate to the proceeding.
In particular, following Principle 9, the banks shall be “timely” communicated
about the findings of supervisory on- and off-site analyses, in writings or orally. In
this last case, “at an early stage” the supervisors should meet with the bank’s Board
members or management, or “where appropriate”, with the independent Board
members, to discuss and comment all the concerns raised.93 Restrictive measures
may be imposed addressing a written document to the bank’s Board.94
After a sanctioning measure has been applied, the bank should be required to
submit regular written progress reports, on which the supervisors shall monitor that
the corrective actions undertaken have been “completed satisfactorily”.95 Also in
this phase, supervisors should be able to cooperate with other competent authorities,
such as national and supranational resolution authorities to ensure the smooth
enforcement of the measures imposed.96
According to the Basel Committee, the implementation of all these parameters is
crucial to ensure a sound prudential regulation and supervision of banks, and bank-
ing systems (and, indirectly, customers) at domestic level. Indeed, both in the EU
and in the US, the Core Principles represent a fundamental term of comparison in
any analysis of supervisory systems, and of their related investigative and sanction-
ing powers, especially to identify lacunas and areas for improvement within a cer-
tain legal system. This is especially relevant for the EU, where a centralised banking
supervisory mechanism has recently entered force, whose powers and regulation
have just started to be tested in litigations before the Court of Justice.
Evidently, the Core Principles do not provide for a comprehensive legal frame-
work of procedural rules and guarantees, but offer only a few basic features that
should be implemented in national banking oversight. However, as will be further
discussed,97 some of the profiles drawn by the Principles result extremely meaning-
ful also under a criminal law perspective, since their violation may already under-
mine at the very bases the possibility for banking supervisors to comply, in light of
the Engel case law, with fair trial guarantees.
92
Cf. Principle 11 – Essential Criteria 4, 6. Analysing the Single Supervisory Mechanism sanc-
tioning powers, Sect. 4.4.2.; for the US regulators, see Sects. 5.2 and 5.3.
93
94
95
96
97
See Sect. 6.1 et seq.
References 105
References
BCBS (1988) International convergence of capital measurement and capital standards. https://
www.bis.org/publ/bcbs04a.pdf. Accessed 16 July 2018
BCBS (2004) International convergence of capital measurement and capital standards. A revised
framework. http://www.bis.org/publ/bcbs107.pdf. Accessed 16 July 2018
BCBS (2006) Basel II: international convergence of capital measurement and capital standards. A
revised framework. Comprehensive version, https://www.bis.org/publ/bcbs128.htm. Accessed
16 July 2018
BCBS (2008) Principles for sound liquidity risk management and supervision. https://www.bis.
org/publ/bcbs144.htm. Accessed 16 July 2018
BCBS (2010) Basel III: A global regulatory framework for more resilient banks and banking sys-
tems (rev June 2011). https://www.bis.org/publ/bcbs189_dec2010.htm. Accessed 16 July 2018
BCBS (2012) Core principles for effective banking supervision, September 2012. https://www.bis.
org/publ/bcbs230.htm. Accessed 16 July 2018. Accessed 16 July 2018
BCBS (2013) Basel III: the liquidity coverage ratio and liquidity risk monitoring tools, January
2013. https://www.bis.org/publ/bcbs238.htm. Accessed 16 July 2018
BCBS (2014a) Basel III: the net stable funding ratio, October 2014. https://www.bis.org/bcbs/
publ/d295.htm. Accessed 16 July 2018
BCBS (2014b) Progress report on implementation of the Basel regulatory framework, April 2014.
https://www.bis.org/publ/bcbs281.htm. Accessed 16 July 2018
BCBS (2014c) A brief history of the Basel Committee, October 2014. http://www.spaeth.ru/
HS20152016/artikel_14.pdf. Accessed 16 July 2018
Calderoni F (2010) Organized crime legislation in the European Union. Springer, Heidelberg
Commonwealth Secretariat (2006) Combating money laundering and terrorist financing: a model
of best practice for the financial sector, the professions and other designated businesses, 2nd
edn
Council of the EU, Conclusions on the EU Anti-Corruption Report, Luxembourg, 5–6 June 2014.
https://www.consilium.europa.eu/media/28069/143117.pdf. Accessed 16 July 2018.
Egmont Group of Financial Intelligence Units (2000) FIU’s in action, 100 cases from the Egmont
Group. https://www.jfiu.gov.hk/info/doc/21-100casesgb.pdf. Accessed 16 July 2018
Egmont Group of Financial Intelligence Units (2013a) Operational guidance for FIU activities
and the exchange of information, 28 October 2013. http://www.cbr.ru/statichtml/file/36881/
operational_guidance%202014.pdf. Accessed 16 July 2018
Egmont Group of Financial Intelligence Units (2013b) Charter, 30 October 2013. https://egmont-
group.org/en/filedepot_download/1658/36. Accessed 16 July 2018
Egmont Group of Financial Intelligence Units (2013c) Principles for Information Exchange
between Financial Intelligence Units, 28 October 2013. https://egmontgroup.org/en/filedepot_
download/1658/37. Accessed 16 July 2018
Egmont Group of Financial Intelligence Units (2018) Annual Report 2016–2017. https://egmont-
group.org/en/document-library/10. Accessed 16 July 2018.
FATF (2001) IX Special Recommendations, October 2001 (reviewed February 2008). http://www.
fatf-gafi.org/media/fatf/documents/reports/FATF%20Standards%20-%20IX%20Special%20
Recommendations%20and%20IN%20rc.pdf. Accessed 16 July 2018
FATF (2002) Annual Report 2001–2002, June 21, 2002. http://www.fatf-gafi.org/documents/docu-
ments/fatfannualreport2001-2002.html. Accessed 16 July 2018
FATF (2012a) International standards on combating money laundering and the financing of ter-
rorism & proliferation, February 2012. http://www.fatf-gafi.org/publications/fatfrecommenda-
tions/documents/fatf-recommendations.html. Accessed 16 July 2018
FATF (2012b) Mandate (2012–2020) Washington, DC. http://www.fatf-gafi.org/media/fatf/docu-
ments/FINAL%20FATF%20MANDATE%202012-2020.pdf. Accessed 16 July 2018
FATF (2015) Annual Report 2014–2015. http://www.fatf-gafi.org/media/fatf/documents/reports/

Annual-report-2014-2015.pdf. Accessed 16 July 2018
FINCEN (2012) Annual Report fiscal year 2011. https://www.fincen.gov/annual-report. Accessed
16 July 2018
Europe and the US. Hart, Oxford
Garner BA (ed. in Chief) (2014) Black’s law dictionary, 10th edn. Thomson Reuters, St. Paul
Hauck P, Peterke S (eds) (2016) International law and transnational organised crime. Oxford
International Monetary Fund & World Bank (2004) Financial intelligence units: an overview,
Washington, D.C. https://www.imf.org/external/pubs/ft/FIU/fiu.pdf. Accessed 16 July 2018
Interpol (2001) Special Session of the Financial Action Task Force (FATF) 29 October 2001.
https://www.interpol.int/content/download/6109/50081/version/2/file/SG20011029.pdf.
McClean D (2007) Transnational organized crime. A commentary on the UN Convention and its
protocols. Oxford University Press, Oxford
Moloney N (2012) Supervision in the wake of the financial crisis: achieving effective “Law in
Action”- A challenge for the EU. In: Wymeersch E, Hopt KJ, Ferrarini G (eds) Financial regu-
lation and supervision. A post-crisis analysis. Oxford University Press, Oxford
MONEYVAL (2015) Annual Report for 2014, July 2015. https://rm.coe.int/annual-report-for-
2014/1680714c14. Accessed 16 July 2018
MONEYVAL (2017) Rules of procedure for the 5th round of mutual evaluations, Strasbourg,
28 September 2017. https://rm.coe.int/rules-of-procedure-for-the-5th-round-of-mutual-evalu-
ations-/1680760792. Accessed 16 July 2018
OECD (2013) Effective inter-agency co-operation in fighting tax crime and other financial crimes,
2nd edn. http://www.oecd.org/ctp/crime/effectiveinter-agencyco-operationinfightingtaxcrime-
sandotherfinancialcrimes.htm. Accessed 16 July 2018
Unger B, Ferwerda J, Van Den Broek M, Deleanu I (2014) The economic and legal effectiveness of
the European Union s anti-moneylaundering policy. Edward Elgar, Cheltenham
Part II
Criminal Profiles in Banking Supervision
Chapter 4
The Institutional Design of EU Banking
Supervision
In the European Union, the burst of the 2006–2008 financial crisis brought to a
dramatic change in the organisation and supervision of the financial market.
Among other innovative profiles, the establishment of new European Union
authorities or, in case of banking oversight, of new tasks and functions within pre-
existing institutions, led to the creation of new administrative procedures grounded
almost completely on EU legal basis.
In the field of banking supervision, the reference mainly goes to the attribution
of essential supervisory functions within the European Central Bank, with the cre-
ation of the Single Supervisory Mechanism. Although administrative in their formal
nature, many of the measures imposable by this supervisor have a direct and signifi-
cant relevance also under a criminal law perspective.
Before looking further into the substantial nature of supervisory sanctions and
measures,1 however, it is necessary to understand what is the context in which the
Single Supervisory Mechanism is exercising its activity; what powers have been
conferred to it, especially with regard to the possibility of imposing punitive sanc-
tions; and which procedural rules and safeguards apply in the investigations carried
out by this new banking supervisor.
To carry out this analysis, Chap. 4 proceeds as follow: Sect. 4.1 illustrates how
the system of banking supervision in the EU (and in the Eurozone) changed in the
aftermath of the financial crisis.
Section 4.2 describes the three European Supervisory Authorities, and especially
the European Banking Authority. The latter, created before the Single Supervisory
Mechanism, constituted a fundamental step in the supranational integration of
financial supervision, and still plays a central role in the Europeanisation of the
financial market. Section 4.3 deals with the substantive law on the matter of banking
supervision applicable in all the EU Member States after the so-called Banking
The theme is analysed in Chap. 6.

1

https://doi.org/10.1007/978-3-030-12161-7_4
110 4 The Institutional Design of EU Banking Supervision
Union reform, with specific regard to the sanctioning powers there provided. Lastly,
Sect. 4.4 deals with the Single Supervisory Mechanism, illustrating its positioning
in the EU legal framework, and then focusing on its supervisory and sanctioning
powers, and on the procedural rules applicable during its investigative
proceedings.
4.1 From the Financial Crisis to the Banking Union
Until recently, banking supervision in Europe was placed mainly at national level,
operating within an extremely fragmented background composed of the 28 legal
orders of the Member States, among which 19 have adopted the Euro as their cur-
rency (establishing the so-called Eurosystem, or Eurozone).
The efficiency of such model thus heavily relied on National Competent
Authorities (NCAs), generally represented by National Central Banks, and on the
implementation of effective forms of cooperation among the latter, legally grounded
on EU directives mostly transposing the content of Basel Accords.2
Increasingly in the last decades, however, and particularly after the burst of the
2006–2008 financial crisis, several reasons revealed the inadequacy of this para-
digm—founded on a very minimum level of harmonization and centralised enforce-
ment—in facing the challenges of a globalized financial market.
The situation was rather peculiar under this perspective, since the Union eco-
nomic market was already operating as a single legal area since the adoption of the
Maastricht Treaty, and (for those countries who did) of the Euro; and also the lead-
ing principles founding the EU banking legislation—mutual recognition of services,
and the home country control—have a clear transnational character.3
Against this background, recent financial scandals implicating important
European banking groups (such as the already mentioned Libor/Eurobar case4) pro-
vided very concrete examples of how supranational freedoms in contexts of highly
fragmented enforcement powers, limited to a domestic dimension, offer a perfect
chance for a wide range of abuses.
Finally made aware of the limitations of such nation-based supervisory mecha-
nisms, in the last few years the European institutions brought about substantial
reforms, which drastically changed the structure of banking oversight both in its
theoretical and practical aspects.5
2
Cf. Sect. 3.5. See also Haentjens and De Gioia-Carabellese (2015), p. 10 et seq.
3
At least since the 1980s, cf. Sect. 2.1.
4
Cf. Sect. 2.2.
5
Cf. European Commission, Reinforcing Sanctioning Regimes in the Financial Service Sector
(COM(2010) 716). Highlighting the difficulties in addressing the interconnections of the financial
markets not only rom a national perspective, but also from a sectorial one, Bradley (2014), p. 277
et seq.
4.1 From the Financial Crisis to the Banking Union 111
The first notable reform on the matter dealt with the need of increasing the effi-
ciency of the legislative process in the area of financial regulation.
In 2000, the Council of the European Union assigned the task of carrying out an
in-depth analysis and elaborate a proposal to a group of experts, the so-called
Lamfalussy Group. Following the experts’ conclusions, starting from 2001 the
Union legislative process in financial matters has been re-structured in a four-step
procedure that should better ensure coherence among regulatory texts, emphasising
the Commission’s role in the enforcement phase.6
The most evident reform in the financial regulation, however, emerged in the
juncture of the last financial crisis. In 2009, following the recommendation of
another group of experts appointed by the Commission (known as the de Larosière
Group), the European System of Financial Supervision (ESFS) was created.7
Since its full establishment in 2011, the System was conferred the task of improv-
ing the functioning of the internal market by ensuring appropriate, efficient and
harmonized European regulation and supervisory practices. To achieve this pur-
pose, the ESFS was structured into three European Supervisory Authorities (ESAs)
with jurisdiction over different financial sectors—banks, insurance, and securi-
ties—in addition to the European Systemic Risk Board, entrusted with macro-pru-
dential supervisory tasks. This reform represented also a first attempt to strengthen
the powers of the European Central Bank (ECB) towards the integration of national
supervisory systems, notably increasing the ECB’s consultative role in the decision-
making proceedings regarding any draft legislation in its fields of competence.8
Undoubtedly, though, the massive qualitative leap with regard to banking super-
vision was carried out starting from 2012, when the European Commission offi-
cially presented A Roadmap towards a Banking Union, launching a proposal to
ensure policy on prudential supervision, and rules for financial services to be imple-
mented throughout the participating Member States in a coherent and effective
manner.9
This reform, in fact, directly affected the prerogatives of the ECB and, for the
first time, established a level of centralized banking supervision in the Eurozone.
6
Lamfalussy (2001). A summary of four steps may be found at: http://europa.eu/rapid/press-
release_IP-02-195_en.htm?locale=en. Accessed 20 July 2018; Antonucci (2004).
7
De Larosière (2009). On the fundamental role of this reform proposal in the aftermath of the
financial crisis, see Ferran (2012), p. 62–63; Moloney (2012b), p. 78 et seq. Reconstructing the
steps that brought to the creation of the ESFS and of the ESAs, see Antoniazzi (2013), p. 176 et
seq; cf. also Bradley (2016), p. 1264 et seq.
8
Such as being consulted for “any proposed Community act and by national authorities regarding
any draft legislation in its fields of competence. In addition, the ECB may submit opinions to the
appropriate Community institutions or bodies or to national authorities on matters within its fields
of competence. In the field of prudential supervision (Article 25 of the Statute of the ESCB), the
ECB may offer advice to and be consulted by the Council […] The action of the ECB is also chan-
nelled through its participation in a number of EU committees whose missions encompass a con-
tribution to financial integration […] the ECB also acts in partnership with the private sector to
foster collective action”, cf. ECB Monthly Bulletin (2003), p. 58 et seq.
9
European Commission, A Roadmap towards a Banking Union (COM (2012)510), 12.09.2012.
The idea at the basis of the Banking Union (BU) relied on the awareness that
“mere coordination is not enough, in particular in the context of a single currency”,
as clearly shown during the last financial crisis.10 The BU project was then s tructured
on several progressive steps, aiming first at the creation of a shared legal framework,
and then at the establishment of new European institutions or tasks for the manage-
ment of the whole banking system in the Eurozone, including supervisory
functions.
Under the first perspective, it was necessary to create a set of common rules and
principles for all interested financial institutions to comply with, especially con-
cerning prudential standards, like capital requirements, and risk management. In
this sense, the Commission first proposed the adoption of a new directive and regu-
lation on bank capital requirements, which became known as the Fourth Capital
Requirements Directive (CRD V shall be transposed by Member States by December
2020), and Regulation (CRR II, partially already into force, will apply completely
from 28 July 2021).11 Together with the 2014 Directives on the protection for
Depositor Guarantees,12 and on Bank Recovery and Resolution,13 these legislative
texts compose a corpus of common rules better known as “Single Rulebook”, which
applies in all EU Member States.14
Under the second profile, the Banking Union reform brought to the creation of
new Union bodies with competence over three main legal areas, representing the
three BU structural “pillars”: Banking supervision (with the Single Supervisory
Mechanism or “SSM”, internal to the ECB); the management of bank crises and
failure (with the Single Resolution Mechanism, and the Single Resolution Fund);
and the protection of depositors (with the European Deposit Insurance Scheme).
While the latter two have jurisdiction over all EU Member States, the new supervi-
sory regulator is exercising its activity only within the Eurosystem.
Against this background, to date two partially overlapping systems of financial
oversight are in force in the EU, characterized by similar supervisory goals, but dif-
ferent enforcing methods: One for the whole Union (European Supervisory
10
Recital (5), EU Council Regulation No 1024/2013 of 15.10.2013 conferring specific tasks on the
European Central Bank concerning policies relating to the prudential supervision of credit institu-
tions (SSM Regulation). On the recalibration of the EU financial system after the crisis, see also
Castañeda et al. (2016); Mayes (2014), p. 743; Dinov (2016), p. 159; Epstein and Rhodes (2016),
pp. 90–103; Hanten and Heljula (2015); Nieto (2015), pp. 539–546; Eijffinger and Masciandaro
(2013), Hill and Moloney (2012), Boccuzzi (2016), and Hinojosa and Beneyto (2015); Bradley
(2016), p. 1245 et seq.; Bradley (2014), p. 288 ff.; Tröger (2012–2013), pp. 210–213; Ferran
(2012), p. 1 et seq.; Lo Schiavo (2019); Bonelli (2006); Gortsos (2015b).
11
Cf. above, Sect. 2.1.
12
Directive 2014/49/EU of 16.04.2014 on deposit guarantee schemes.
13
Cf. the Bank Recovery and Resolution Directive (BRRD), Directive 2014/59/EU of 15.05.2014
establishing a framework for the recovery and resolution of credit institutions and investment firms
and amending Council Directive 82/891/EEC, and Directives 2001/24/EC, 2002/47/EC, 2004/25/
EC, 2005/56/EC, 2007/36/EC, 2011/35/EU, 2012/30/EU and 2013/36/EU, and Regulations (EU)
No 1093/2010 and (EU) No 648/2012, cf. Bradley (2014), p. 281 et seq.
14
On the need to harmonise financial regulations, already before the launching of the Banking
Union, see e.g. Andenæs (2012).
4.1 From the Financial Crisis to the Banking Union 113
Authorities; Single Rulebook; Single Resolution Mechanism, and the European

Deposit Insurance Scheme), and one limited to the Eurozone (Single Supervisory
Mechanism), whose investigative and sanctioning powers are analysed in the course
of this analysis.
Although not directly operating in the field of banking supervision, which repre-
sents the core of this work, drafting a quick picture of the last two pillars of the
Banking Union is useful to understand the context in which the SSM is operating.
Gradually entered into force during 2014–2015, the Single Resolution Mechanism
(SRM) and Fund (SRF) have become fully operation in all Member States starting
from January 1st 2016.15
The purpose of the SRM is to guarantee an efficient management of bank crises
and resolution, in case credit institutions covered by the SSM are failing despite
centralized supervision, especially to reduce negative effects on depositors and tax-
payers, and put the burden of bank crisis rather on shareholders and creditors.16 To
achieve so, the EU has both adopted common rules on the management of banking
crises—with the Banking Recovery and Resolution Directive (BRRD)—and
required Member States to establish ex ante a Single Resolution Fund (SRF), paid
for by fixed premiums charged upon credit institutions.17
The SRF could be used to financially support resolution measures, following the
rules agreed at Community level through an Inter-Governmental Agreement (IGA),
which entered into force after having been ratified by most EU countries, and will
have to be built up over a period of 8 years.18
The fund is managed by the central decision-making body of the SRM: The
Single Resolution Board (SRB), which is responsible to ensure that cases are pro-
cessed with minimal costs for taxpayers and to the real economy.19 The Board is
composed of 28 members, one for each participating Member State, plus a Chair, a
vice-chair and other four full-time members, appointed by the European Council on
15
The SRM and SRF’s implementation relies on several legislative acts: the Bank Recovery and
Resolution Directive (BRRD); Regulation (EU) No 806/2014 of 15.07.2014 establishing uniform
rules and a uniform procedure for the resolution of credit institutions and certain investment firms
in the framework of a Single Resolution Mechanism and a Single Resolution Fund and amending
regulation (EU) No 1093/2010; and Council Implementing Regulation (EU) 2015/81 of 19.12.2014
specifying uniform conditions of application of Regulation (EU) No 806/2014 with regard to ex
ante contributions to the Single Resolution Fund. On the creation of the SRM, Lo Schiavo (2014),
pp. 689–704; Antoniazzi (2014b), p. 717.
16
Before the entry into force of the BRRD, a similar goal was pursued by the Communication from
the Commission on the application of State aid rules to support measures in favour of banks in the
context of the financial crisis, better known as “Banking Communication”, revised several times
(lastly on August 1st 2013). The application of the Communication also in the new legal frame-
work is currently debated.
17
Recital (2), Council Implementing Regulation (EU) 2015/81. On the limits of the legal basis
funding the SRM, see Kern (2015), p. 175 et seq.
18
Cf. EC, Press release 30.11.2015. http://europa.eu/rapid/press-release_STATEMENT-15-6200_
en.htm. Accessed 20 July 2018.
19
Decision of the Plenary Session of the Single Resolution Board on adopting the Financial
Regulation of the Single Resolution Board (Board), Brussels, March 25th 2015.
the basis of an open selection procedure, after the European Parliament had approved
a shortlist proposed by the Commission.20
Granted with investigating powers similar to the SSM to fulfil its tasks (which
could likely be the subject of a separate dissertation, as they might possibly cause
critical issues similar to the SSM’s), the Board is entrusted to decide whether a bank
is failing or likely to fail, whether it is necessary to place it into resolution, and
whether and how to use the SRF—which, in any case, can contribute to the resolu-
tion only if at least 8% of the total liabilities of the failed bank have been already
bailed-in. The resolution scheme prepared by the Board shall then be approved or
rejected by the Commission or, in certain circumstances, by the Council within
24 h.21 Under the SRB supervision, the execution of the resolution scheme in a spe-
cific country will be left in charge of the designed National Resolution Authority
(NRA).22
To preserve the sensitivity of the matter, the SRM Regulation requires that the
decisions concerning the use of those funds shall be carried out independently from
the European Central Bank.23
To safeguard depositors whose bank is failed, the Banking Union project pro-
vided for Deposit Guarantee Schemes (DGS), which may be used to reimburse
limited amounts of deposits.24 Since national DGSs may remain vulnerable to large
local shocks, a European Deposit Insurance Scheme (EDIS) has also been estab-
lished, to ensure equal protection of deposits, regardless of the State where they are
located. Within this framework, the coverage of national deposit guarantee has been
harmonized at the EU level on the sum of € 100,000 per depositor, per institution.
As soon as the EDIS will be fully operational, if a bank is placed into insolvency or
resolution, and it is necessary to pay out deposits under that threshold, the national
Deposit Guarantee Schemes and the EDIS will intervene. DGS however, are not
aiming only at protecting depositors: They may be also useful to maintain the finan-
cial stability of the market in case of bank failures. In particular, they should avoid
depositors from making panic withdrawals, and thus prevent such a behaviour to
bring on a wide dimension its tragic economic consequences.
20
Recital (31) and Article 43 Regulation No 806/2014.
21
Article 18(7) Regulation No 806/2014.
22
To be identified at national level, in most cases it corresponds to the national authority competent
for banking supervision.
23
For this purpose, the SRM is supported by a budget which is separated from the ECB, cf. Article
47 Regulation No 806/2014.
24
Directive 2014/49/EU of the European Parliament and of the Council of 16.04.2014 on Deposit
Guarantee Schemes, recently reviewed.
4.2 The European Supervisory Authorities 115
4.2 The European Supervisory Authorities
As anticipated, three are the agencies composing the European System of Financial
Supervision, whose role is still fundamental in the EU also after the creation of the
Single Supervisory Mechanism and the Single Resolution Fund (even though their
regulations are currently under revision to adjust to the new legal framework25): The
European Banking Authority, the European Insurance and Occupational Pensions
Authority, and the European Securities and Markets Authorities.
The purpose of the European Banking Authority (EBA) is to maintain the safety
and soundness of the banking system and its financial stability across the EU, ensur-
ing effective and consistent prudential regulation, and supervision.
To achieve so, the EBA was granted an extremely relevant role in the context of
financial supervision, where it substantially contributes to the creation of prudential
rules for financial institutions to be applied in all Member States, as well as to the
promotion of supervisory practices and risk-assessment evaluations of the banking
sector.
Two bodies govern the Authority: The Board of Supervisors (BoS) and the
Management Board. While the latter has essentially proposing powers, the BoS
represents the real decision-making body when it comes to the approval of stan-
dards and supervisory guidelines. The Board is composed by the 28 heads of the
Member States’ supervisory authorities, and by several members with observer sta-
tus, including the Board’s Chair.26 The Chair is appointed by the Board itself, but the
European Parliament has the authority to object the designation before she takes up
25
The reform should aim at make the ESAs acting more independently from national interests, cf.
European Commission, Proposal for a Regulation Amending Regulations (EU) No 1093/2010
(European Banking Authority); No 1094/2010 (European Insurance and Occupational Pensions
Authority); No 1095/2010 (European Securities and Markets Authority); No 345/2013 on European
venture capital funds; No 346/2013 on European social entrepreneurship funds; No 600/2014 on
markets in financial instruments; No 2015/760 on European long-term investment funds; No
2016/1011 on indices used as benchmarks in financial instruments and financial contracts or to
measure the performance of investment funds; and No 2017/1129 on the prospectus to be pub-
lished when securities are offered to the public or admitted to trading on a regulated market,
Brussels, 20.9.2017 COM(2017) 536 final, 2017/0230 (COD) (hereinafter, “European Commission,
Proposal”). On the creation and original powers of the EBA see Antoniazzi (2013), pp. 176–186.
In September 2018, as a reaction to the Danske Bank scandals related to money laundering viola-
tions, and as part of a broader strategy to strengthen the EU framework for prudential and anti-
money laundering supervision for financial institutions, the 2017 proposals were amended (among
other reasons) to give EBA tools, governance and resources to ensure effective cooperation and
convergence of supervisory standards in the area of anti-money laundering (Cf. Brussels,
1.09.2018, 12111/18, Interinstitutional File 2017/0230(COD)). The proposed reform, however, to
date does not address the critical issue of creating also an adequate investigating structure within
the EBA (which, instead, could be now found in the European Central Bank).
26
Article 40, Regulation (EU) No 1093/2010 of 24.11.2010 establishing a European Supervisory
Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing
Commission Decision 2009/78/EC.
her duties.27 The BoS is also entitled to approve the EBA’s budget; under this profile,
the Authority is mainly funded by a subsidy from the European Union, which is
then integrated by mandatory contributions from the national supervisory
authorities.28
Also after the establishment of the Single Supervisory Mechanism, and the fol-
lowing re-distribution of competences, the EBA maintains a significant position in
the EU. Specifically, the Authority is still entrusted with ensuring the consistency of
supervisory outcomes throughout the Union, monitoring and promoting the imple-
mentation of the Basel III Accord, which is now part of the so-called Single
Rulebook. In addition, the EBA has been mandated to produce secondary legisla-
tion (Binding Technical Standards, or “BTS”29), guidelines, and reports for the
implementation of the CRD IV/CRR package in the European Union.
The results of the EBA’s drafting activity, as incorporated in EU legal acts by the
Commission, are binding also for the action of the European Central Bank which,
under the current legal framework, has been conferred the power to directly adopt
regulations in the field of capital requirements and supervision.30
The role of European Banking Authority remains crucial especially towards
those Member States outside the Eurozone, to which the new ECB’s powers cannot
be applied, unless they specifically issue a notification in this sense.31 There, the
EBA represents the only form of EU banking oversight, capable–if not to directly
intervene in the concrete management of banks—at least to affect the parameters
according to which national supervisions shall be enforced. Potentially, it is in this
capacity that the Commission proposed, in 2018, to confer to EBA also specific
powers against money laundering and financing of terrorism.32
A fundamental role in the EU financial market is played also by the European
Insurance and Occupational Pensions Authority (EIOPA), and the European
Securities and Markets Authority (ESMA).33
27
Article 48(2), Reg. 1093/2010.
28
Article 62, Reg. 1093/2010. In the proposal of reform of 2017, the contribution from the national
supervisors will be substituted by contributions from the financial sector, cf. European Commission,
Proposal-Explanatory Memorandum, p. 279 et seq.
29
BTS are “legal acts which specify particular aspects of an EU legislative text (Directive or
Regulation) and aim at ensuring consistent harmonisation in specific areas. BTS are always finally
adopted by the European Commission by means of Regulations or Decisions. According to EU
law, Regulations are legally binding and directly applicable in all Member States. This means that,
on the date of their entry into force, they become part of the national law of the Member States and
their implementation into national law is not only unnecessary but also prohibited”, cf. http://www.
eba.europa.eu/regulation-and-policy/single-rulebook. Accessed 20 July 2018.
30
Cf. Article 132 TFEU, and Recitals (7)–(32), Council Regulation (EU) No 1024/2013 of
15.10.2013 conferring specific tasks on the European Central Bank concerning policies relating to
the prudential supervision of credit institutions (hereinafter “SSM Regulation”-SSM R).
31
Cf. Article 7 SSM R. This option so far remained unapplied.
32
Cf. supra, note 25.
33
ESMA is particularly touched by the Proposal of reform issued by the Commission, according to
which it should get direct supervision over certain sectors of capital markets across the EU, like
capital market data; capital market entry; capital market actors; and market abuse cases, see EC,
4.2 The European Supervisory Authorities 117
These authorities, governed by a Board of Supervisors and by a Management

Board with a composition equivalent to those of the Banking Authority, and charac-
terized by a similar funding system,34 are not illustrated here in their detailed
prerogatives and tasks, since their fields of competence do not strictly concern bank-
ing investigations. Nonetheless, in the remit of this work, their presence in the ESFS
shall be taken in due account when assessing the overall efficiency of financial
supervision in the EU.
Against the most relevant decisions taken by the ESAs, a special Joint Board of
Appeal has been set up, which results a fundamental term of comparison with the
form of internal administrative review established for the Single Supervisory
Mechanism.35
Specifically, the decisions which may be appealed are those concerning: Breach
of EU law by a supervisor; actions in emergency situations; disagreements between
competent authorities in cross-border situations; and decision of direct and indi-
vidual concern to natural or legal persons.36
In order to ensure its independence, the Board of Appeal is composed of six
members and six alternates, appointed by the ESAs among individuals who are not
part of the staff of any national competent authority or EU institution “involved in
the activities of the Authority”, and equipped with “a proven track record of profes-
sional experience in the fields of banking, insurance, occupational pensions and
securities markets or other financial services, and with the necessary legal expertise
to provide expert legal advice in relation to the activities of the Authorities”.37 The
decisions of the Board of Appeal can themselves be further appealed before the
Court of Justice of the European Union.38
Creating a stronger and more integrated European financial supervision for the Capital Markets
Union, Press release, Brussels, 20.09.2017. http://europa.eu/rapid/press-release_IP-17-3308_en.
htm. Accessed 20 July 2018.
34
Cf. Article 62 Regulation (EU) No 1094/2010 of 24.11.2010 establishing a European Supervisory
Authority (European Insurance and Occupational Pensions Authority), amending Decision No
716/2009/EC and repealing Commission Decision 2009/79/EC; Article 62, Regulation (EU) No
1095/2010 of 24.11.2010 establishing a European Supervisory Authority (European Securities and
Markets Authority).
35
Cf. Section II, ESAs Regulations; see below, Sect. 4.4.3. For an analysis of the Joint Board of
Appeal, see, e.g., Looseveld (2013a), pp. 9–13; Magliari (2017), pp. 101–111; Moloney (2012a),
p. 136.
36
Cf. Article 60(1) ESAs Regulations. In addition, also decisions adopted in accordance with the
applicable EU banking and financial legislations ex Article 1(2) ESAs Regulations.
37
Cf. Articles 58 and 59 ESAs Regulations.
38
Cf. Article 61, ESAs Regulations. See also Looseveld (2013a), pp. 12–13.
4.3 S
anctioning Powers in the Single Rulebook: Relevant
Provisions of the IV and V Capital Requirement Directive
At the EU level, the most relevant step in the reorganization of banking supervision
(and soon CRR II) was the adoption of the CRD IV-CRR package in 2013. While
the CRR mainly provides for “quantitative” prudential rules (such as minimum
capital buffers, or liquidity requirement), in light of the following analysis—that is
carried out with a criminal law perspective—extremely relevant are the sanctioning
powers recognized by the IV and (from the end of 2020), the V Capital Requirement
Directive (CRD IV/V).
The breaches of prudential requirements that justify the application of these pen-
alties under CRD IV and CRD V are listed in Articles 66 and 67 of the Directive,
and mainly concern: The violation of the requirements necessary to obtain the
licence for exercising credit activity, and the use of false statements or other irregu-
lar means to obtain it39; the violation of the requirements to acquire qualifying hold-
ings and dispose of them, as well as the failure to inform the competent authorities
about the acquisition, or to report other relevant information40; the violation to
implement due governance arrangements and capital requirements,41 and (accord-
ing to CRD V) failure to apply for approval in case of financial holding companies
and mixed financial holding companies.42
In those cases, CRD IV/V recognizes sanctioning powers to the National
Competent Authorities (NCAs) established in each EU Member State for the pur-
poses of banking supervision (mainly, but not necessarily, coinciding with national
central banks).43
Member States are bound to sanction at least the illicit behaviours listed in
Articles 66 and 67 CRD IV/V; which lets them free to provide for additional irregu-
larities and penalties at national level. According to Article 65(1) CRD IV, more-
over, States also retain discretion in deciding whether to punish such conducts under
criminal or administrative law. In the first case, the latter are under the obligation to
“communicate to the Commission the relevant criminal law provisions”.44
Irrespective of domestic qualifications, however, the Directive requires Member
States to confer sanctioning powers to the NCAs, so as to make them able to impose
“effective, proportionate and dissuasive” administrative pecuniary penalties or other
administrative measures, “sufficiently high to offset the benefits that can be expected
and to be dissuasive even to larger institutions and their managers […] to ensure the
39
Article 66(1) lett. a, b; Article 67(1) lett. a. CRD IV/V.
40
Article 66(1) lett. c, d; Article 67(1) lett. b, c, f, g, h, i, m. CRD IV/V.
41
Article 67(1) lett. d, j, k, l, n, o, p. CRD IV/V.
42
Cf. Article 21a and 66(1)(e), introduced by CRD V (Directive (EU) 2019(878 of 20.05.2019).
43
On the coexistence, in the Eurozone, of NCAs and the SSM, see below, Sect. 4.4.
44
Cf. also Recital (41) CRD IV/V. About the potential problems of this provision for the SSM
sanctioning procedures, see below, Sect. 4.4.2.
4.3 Sanctioning Powers in the Single Rulebook: Relevant Provision of the IV and V… 119
greatest possible scope for action following a breach and to help prevent further
breaches”.45
At Articles 66 and 67, the Directive lists the minimum administrative sanctions
that should be applicable in case such breaches are ascertained. Due to the use of a
directive as legal basis, to become enforceable such penalties need to be transposed
at national level, both through State legislation and, where so allowed, specific regu-
lations issued by National Competent Authorities.
Targets of the sanctions include a broad category of subjects, consisting of con-
trolled financial institutions, subjects who effectively rule the business of an institu-
tion, and members of its management body.46
The type of sanctions varies too. They range from the suspension of the voting
rights of the liable shareholders; to the temporary ban against responsible members
of the institution’s management body; the withdrawal of the banking authorization;
the issue of a public statement which identifies the nature of the breach and the
subject responsible, and orders requiring ceasing the conduct and to desist from any
repetitions.47
CRD IV/V also requires NCAs to apply notable pecuniary penalties. Specifically,
financial institutions may be fined up to 10% of the total annual net turnover or of
up to twice the amount of the benefit derived from the breach where that benefit can
be determined. In the case of a natural person, administrative pecuniary penalties
may range up to EUR 5 million.48 As will be discussed further below, the potential
severity of such penalties, despite their statutory classification as administrative,
assumes a pivotal role in determining their substantive nature in light of the Engel
criteria, as applied by the European Courts.49
To enhance the dissuasive effect of the sanctions provided for by the Directive,
all decisions applying such penalties shall be published; a measure which results
especially relevant for the reputational issues involved.50
In particular, according to Article 68 CRD IV/V, publication duties cover admin-
istrative penalties for all breaches of CRD IV/V and CRR and CRR II, against
which there is no appeal, and shall include the information about the type and nature
of the breach, and the identity of the natural or legal person on whom the penalty is
imposed (from which the label of “naming and shaming”51). The publication, which
45
Recitals (35)-(36)-(41) CRD IV/V.
46
Cf. also Recital (35) CRD IV/V.
47
Article 66(2), let. a, b, f; Article 67(2), let. a, b, c, d. CRD IV/V.
48
Article 66(2), let. c, d, e; Article 67(2), let. e, f, g. CRD IV/V.
49
Cf. Sect. 6.2.
50
Cf. Recital (38) CRD IV/V. For the implication upon the presumption of innocence, see Sects.
6.3.5 and 6.3.6.
51
The expression, known since the late nineteenth century, is reported to had begun to be used as a
verbal phrase in the 1990s, following an initiative by the UK Government. “On Oct 8, 1996 The
Independent (London) reported that: “The Home Secretary [Conservative minister Michael
Howard] is also expected to suggest a scheme to ‘name and shame’ young offenders by giving
courts the power to remove the automatic anonymity for under-18s””, source: https://www.phrases.
org.uk. Accessed 20 July 2018. According to Garner (2014), p. 1542, with “shame sanction” is
shall be done in the website of the authorities competent to impose the sanctions,
and remain there for at least 5 years, may be performed on an anonymous basis in
circumstances as exceptional, as unfortunately vague, in which it: (a) Would repre-
sent a disproportionate measure of the privacy of the sanctioned natural persons; (b)
it could jeopardise the stability of financial markets or an ongoing criminal investi-
gation; or (c) where it would cause a disproportionate damage to the institutions or
natural persons involved. In case the sanctions imposed may still be appealed, CRD
IV/V does not require Member States to publish the news that a penalty has been
applied; however, if that is the case, the publication shall also include information
on the appeal status and outcome thereof.
The Directive also provides for a minimum level of harmonisation in the proce-
dure that NCAs should follow in investigating potential breaches, requiring that
national authorities should be entitled all “necessary investigative powers” towards
natural and legal persons, which should be exercised without prejudice to the rights
of the defence of anyone who has been charged.52
More specifically according to Article 65(3), let. a) and b), CRD IV/V, and in line
with Basel Core Principles 1, 9 and 10,53 NCAs should be able to request the sub-
mission of documents, and to obtain all information necessary to carry out their
tasks, orally or in writing, from the subjects under investigation, and to interview
any other person who consents to do so, for the purpose of collecting information
relating to the subject matter of an investigation.54 Let. c) of the same Article also
recognizes that national authorities shall enjoy the power to conduct inspections at
the business premises of the legal persons under investigations, and to examine their
books and records, as well as to take copies or extracts of the latter.55 Judicial autho-
rization to perform those measures shall be requested if so provided at national
level.56
According to Article 72 CRD IV/V, National Competent Authorities should take
into account all relevant circumstances during the decision-making phase, state rea-
sons, and guarantee the right of appeal against decisions that impose sanctions.57
According to Article 69 CRD IV/V, the evaluation processes at national level
shall be supported by a central database containing details of the administrative
penalties imposed, including any appeals in relation thereto. The database, accessi-
ble only to competent authorities, shall be maintained by the European Banking
indicated “A criminal sanction designed to stigmatize or disgrace a convicted offender, and often
to alert the public about the offender’s conviction. A shame sanction usually publicly associates the
offender with the crime that he or she committed” [italics added].
52
Recital (40) CRD IV/V.
53
54
Cf. also Article 52 CRD IV/V.
55
Cf. also Recital (26), and Articles 52, and 122 CRD IV/V.
56
Cf. Sect. 4.4.3 below; critical analysis in Sect. 6.3.3.
57
Cf. also Recital (37) CRD IV/V. The explicit duty to state reasons has been introduced in Article
64(3) by CRD V.
4.4 Banking Supervision in the Eurozone: The Single Supervisory Mechanism 121
Authority, also for the purpose of ensuring an efficient system of exchange of infor-
mation in the field of banking supervision.58
4.4 B
anking Supervision in the Eurozone: The Single
Supervisory Mechanism
With the establishment of the Single Supervisory Mechanism (SSM), the Eurosystem
finally provided itself with a centralised banking supervisory authority, placed
within the European Central Bank (ECB), which was already the single entity
responsible for the monetary policy in the Eurozone.59
The action of this new body founds its legal bases on two fundamental texts: The
2013 EU Council Regulation No. 1024, better known as the SSM Regulation (or
“SSM R”), and the 2014 Regulation No. 468 of the European Central Bank, the so-
called SSM Framework Regulation (or “SSM FR”).60 The new Mechanism offi-
cially entered into force in November 2014, even if the ECB was already conferred
some of its supervisory powers since the previous year.61
The SSM supervisory system, however, does not completely substitute national
oversight and control over all credit institutions, but centralised only some (although
rather broad) functions and tasks. In the current legal framework, therefore, banking
supervisory tasks are shared between the ECB and National Competent Authorities,
(NCAs).62
Starting from November 2014, the SSM substituted national authorities in super-
vising all “significant” credit institutions, financial holding companies, mixed finan-
cial holding companies, or branches of the above. According to the criteria
established in Article 6 SSM R, an institution shall be assessed as “significant”
based on parameters such as: The institution’s size; its importance for the economy
of the Union or of any participating Member State; and the relevance of its cross-
border activities.63 Irrespective of their absolute size, the SSM always supervises the
three most significant credit institutions in each of the participating Member States.
58
Recital (39) CRD IV/V.
59
Cf. Recital (13) SSM R. For the economic and political background at the basis of the ECB bank-
ing supervisory powers, Antoniazzi (2013), p. 159 et seq.; Antoniazzi (2014a), p. 359.
60
See EU Council Regulation No 1024/2013 of 15.10.2013, cit., and Regulation (EU) No 468/2014
of the European Central Bank of 16.04.2014 establishing the framework for cooperation within the
Single Supervisory Mechanism between the European Central Bank and national competent
authorities and with national designated authorities (hereinafter “SSM Framework Regulation—
SSM FR”).
61
“From 3 November 2013, the ECB may start carrying out the tasks conferred on it by this
Regulation other than adopting supervisory decisions”, cf. Article 33(3), SSM R. See also ECB-
SSM Quarterly Report (2014).
62
On the analysis of the relationships between ECB and NCAs, in terms of supervisors’ liability,
see D’Ambrosio (2015), especially p. 124 et seq.; Andenæs (2015), pp. 3–6; Barbagallo (2014).
63
The institution shall not generally be considered less significant if: the total value of its assets
exceeds EUR 30 billion; the ratio of its total assets over the GDP of the participating Member State
The ECB may also, on its own initiative, consider an institution to be of signifi-
cant relevance whether the latter has established banking subsidiaries in more than
one participating Member State, and its cross-border assets or liabilities represent a
significant part of its total assets; or when it is necessary to ensure consistent appli-
cation of high supervisory standards.64 According to those criteria, currently the
SSM exercises its supervision on 116 significant banking groups, representing
almost 82% of the total banking assets in the Eurozone.65
“Less significant” credit institutions remain instead under the oversight of
national authorities,66 which are also competent for all macro-prudential tasks not
explicitly assigned to the EBC (such as the provision of investment and payment
services, or the issuance of electronic money67).
Within this competence, National Competent Authorities may begin a supervi-
sory proceeding on their own initiative; may be requested by the ECB to start a
proceeding; or even ask the ECB to be requested to start a proceeding within their
jurisdictions.68 NCAs remain also in charge of certain sensitive tasks, such as verify-
ing the compliance of financial institutions with AML/CFT Programs; referring rel-
of establishment exceeds 20%, unless the total value of its assets is below EUR 5 billion; the ECB
takes a decision confirming such significance following a comprehensive assessment by the ECB,
following a notification by its national competent; and for those for which public financial assis-
tance has been requested or received directly from the EFSF or the ESM, cf. Article 6(4) et seq.
SSM R, and Article 57 et seq. SSM FR.
64
Article 6(4) SSM R, as specified by Articles 1-2-39-40-43-44-50-51-52-57-58-59 SSM FR.
On the separation of competences found on this criterion, see also Gortsos (2015a), pp. 401–
420. On the interpretation of the notion of “significance” in the context of the SSM, cf. recently
CJEU, Landeskreditbank v ECB, Case T-122/15, 16.05.2017, ECLI:EU:T:2017:337 (confirmed in
appeal in Case C-450/17 P), § 63 et seq., as confirmed by Credit Mutuel Arkea v ECB, Case
T-52/16, 13.12.2017, ECLI:EU:T:2017:902, § 61 (appeal currently pending before the ECJ in Case
C-153/18 P), and in cases T-768/16 (BNP Paribas) ECLI:EU:T:2018:471; T-758/16 (Crédit agri-
cole SA), ECLI:EU:T:2018:472; T-757/16 (Société generale), ECLI:EU:T:2018:473; T-751/16
(Confédération nationale du Crédit mutuel), ECLI:EU:T:2018:475; T-745/16 (BPCE),
ECLI:EU:T:2018:476; T-733/16 (La Banque postale), ECLI:EU:T:2018:477, all of 13.07.2018.
65
Cf. https://www.bankingsupervision.europa.eu/ecb/pub/pdf/ssm.listofsupervisedenti-
ties20190502.en.pdf. Accessed 16 June 2019, periodically updated (last update: May 2019).
66
Article 5 SSM R; and Recital (5) and Article 7 SSM FR.
67
Cf. Article 1 and Recital (28) SSM R according to which: “Supervisory tasks not conferred on
the ECB should remain with national authorities. Those tasks should include the power to receive
notifications from credit institutions in relation to the right of establishment and the free provision
of services, to supervise bodies which are not covered by the definition of credit institutions under
Union law but which are supervised as credit institutions under national law, to supervise credit
institutions from third countries establishing a branch or providing cross-border services in the
Union, to supervise payment services, to carry out day-to-day verifications of credit institutions, to
carry out the function of competent authorities over credit institutions in relation to markets in
financial instruments, the prevention of the use of the financial system for the purpose of money
laundering and terrorist financing and consumer protection”.
68
Article 134(2) SSM FR. These options will be further analysed below in paras 4.1, and 4.2.
evant information to judicial authorities; and enforcing consumer protection

policy.69
The new system of banking supervision in the Eurozone is thus characterized by
a peculiar combination of centralized and peripheral oversight, in which most daily
operations need to be coordinated between National Competent Authorities and the
European Central Bank, who retains the responsibility for the overall supervisory
performances.
Aware of this context, effective cooperation is strongly supported in the new
SSM Regulations, which require NCAs to assist the Central Bank and to follow its
instructions within its sphere of competence.70 Recognizing the importance of the
long-established supervisory expertise reached by NCAs with regard to their own
national contexts, the SSM Regulations allow national and EU experts to operate
together through the creation of Joint Supervisory Teams (JSTs), which, as it will be
further illustrated, have a fundamental role in the daily supervision of credit
institution—and accordingly, in case of breaches, in the first phases of the

investigation.71
In addition to these supervisory functions, Articles 4(1)(a)(c) and 6 SSM R pro-
vide for certain tasks for which—since November 2014—the SSM is the competent
authority in relation to all credit institutions of participating Member States, regard-
less for any classification on the “significance” of the bank. These are the cases of
the so-called “common procedures”, listed in Articles 14 and 15 SSM R, which
concern granting and withdrawing of banking authorizations; and approval of the
acquisitions of qualifying holdings.72
Interestingly, to perform such tasks, Article 4(3) SSM R grants the SSM with the
possibility of applying “all relevant Union law, and where this Union law is com-
posed of Directives, the national legislation transposing those Directives. Where
the relevant Union law is composed of Regulations and where currently those
Regulations explicitly grant options for Member States, the ECB shall apply also
the national legislation exercising those options” (italics added).
The faculty for the ECB to apply national legislation transposing directives rep-
resents a peculiar feature not only in banking supervision, but for the whole distri-
bution of powers within the EU, since, at least in principle, institutions, organs,
agencies and bodies of the Union apply EU and not national law.
This feature, as will be discussed further below, poses moreover relevant issues
when it comes to define before which court such acts may be challenged, and in
69
Recital (28) SSM R.
70
Article 6(3) SSM R.
71
Articles 3 to 5, and 115 SSM FR. Cf. below, Sect. 4.4.3.
72
As defined by Article 2(3) SSM FR. For an analysis of these measures in the context of the Engel
case-law, see Sect. 6.2. Qualifying holding are defined by Article 4(1)(36) CRR as “means a direct
or indirect holding in an undertaking which represents 10% or more of the capital or of the voting
rights or which makes it possible to exercise a significant influence over the management of that
undertaking”.
particular which scope of review the Court of Justice may exercise in such cases (on
which the CJEU has already started to issue decisions73).
The fact that the SSM, as part of an EU institution, may apply national law, how-
ever, does not strictly represent an unicum in the EU legal framework.
As underlined by legal scholars, the Commission for instance, both in the
infringement proceedings, and in competition law, already enjoys some competence
related to national law.74 In the first case, the Commission may need to interpret
national law to assess whether a Member State is in breach of EU law, in order to
decide on the initiation of the infringement procedure.75
Under antitrust law, on the other side, national competition authority within the
European Competition Network have the responsible to ensure the compliance of
domestic legal systems with the relevant TFEU provisions, in accordance with the
primacy of EU law.76 In case Member States introduce measures contrary to the EU
competition rules, such authorities are naturally competent to disapply national law
in the course of their investigations. However, where the anti-competitive behaviour
based on national law is such as to require the intervention of the Commission, the
latter would be entitled to interpret national law, for instance to verify whether
undertakings may invoke any exemption. The same vertical application of national
law may occur in case of appeals before sanctions applied in these contexts.77
In both cases, however, contrary to the SSM, the Commission competence
towards national law does not extend also to its direct application, being limited in
the first case to its interpretation, and in the latter to its disapplication or to consider
it a factor precluding the imposition of a sanction.78
More relevant to the SSM prerogatives seems instead the area of EU trade mark
protection, where indeed the European Union Intellectual Property Office (EUIPO),
a decentralised agency of the European Union which deals with IP rights protection,
may declare invalid a trade mark (also) on the basis of national law. In this case, in
fact, the EUIPO may directly interpret and apply national law during EU
proceedings.79
73
Cf. Caisse régionale de crédit agricole mutuel Alpes Provence and Others v European Central
Bank, Joined Cases T-133/16 to T-136/16, 24.04.2018, ECLI:EU:T:2018:219; for an analysis of
the CJEU jurisdiction in these cases, see Sect. 6.3.3.
74
Cf. Magliari (2015), pp. 1355–1357.
75
On the matter see, e.g., Gil Ibáňez (1999).
76
Consorzio Industrie Fiammiferi (CIF) v Autorità Garante della Concorrenza e del Mercato,
Case C-198/01, 9.09.2003, ECLI:EU:C:2003:430, §§ 48–50, cf. also Cassese (2003), p. 1129 et
seq.
77
Cf. Marchetti (2014), p. 32, although the case-law on the matter is not especially developed yet.
78
In this sense, Magliari (2015), pp. 1356–1357.
79
Cf. Article 53(2) Council Regulation (EC) No 207/2009 of 26.02.2009 on the Community trade
mark. Until 23 March 2016, EUIPO was known as Office for Harmonisation in the Internal
Market-OHIM. See also Magliari (2015), pp. 1357–1358.
Last but not least, in the criminal matter, a power to directly apply national law
may be found in the EPPO Regulation80: A parallelism which is perhaps indicative
of the common idea of “federal” Europe, shared by both this and the Banking Union
project.81
In banking supervision, in particular, the faculty of directly applying national law
has been grounded on the fact that a large part of supervisory legislation remains
governed by national law, that is highly fragmented even when transposing EU
directives. Having a single European institution being able to apply all these differ-
ent statutes could then be an indirect vehicle of harmonization.82
Similarly to the EUIPO, the national law which the ECB may currently apply
according to Article 4(3) SSM R seems to be only of substantial nature, since (at
least so far) administrative procedural law at the national level is mostly not deriv-
ing from the transposition of EU directives.83 The SSM powers in this case, there-
fore, appear analogous to those of the Intellectual Property Office, even though their
concrete impact—also concerning the review of the acts so adopted before the
CJEU—may be more extensive, given the broad scope of application of the ECB
supervisory powers.84
Coming to the organization of the Single Supervisory Mechanism, being located
within the European Central Bank, the SSM falls under the general management of
the Governing Council, the highest decision-making body of the ECB, although the
SSM Regulation requires supervisory tasks to be exercised “in full independence”.85
The Governing Council is composed of the six members of the ECB Executive
Board, and of the 19 Governors of the National Central Banks of the Member States
whose currency is the Euro.
The ECB Executive Board is composed of the ECB President, a vice-president
and four other members, all appointed by the European Council acting by a quali-
fied majority. These members are responsible for the current business of the ECB,
80
Cf. Article 5(3), EPPO Regulation (2017/1939), cit., see also Sect. 2.3.4. Contrary to the SSM,
however, all the measures grounded on national law issued by the EPPO fall under the jurisdiction
of national courts. Cf. also Sect. 6.3.3.
81
This new feature may be read as a relevant step in the European integration project towards the
acknowledgement of a single integrated legal system, composed indifferently of European and
national law; in this sense, cf., e.g., Witte (2014), p. 109. Such an interpretation may be confirmed
considering that also the EPPO, which has been proposed precisely with the idea of strengthening
the European integration under a criminal procedure point of view (like the SSM in its field) will,
if the project will be approved, have to apply not only European, but also and above all national
relevant law.
82
See Senkovic (2015), p. 100, according to which that would imply that national law cannot (any
longer) “be applied in a way that would undermine the effectiveness and the uniformity of EU law
or serve as a tool for protectionist purposes”.
83
Different is the case of Article 9(1) SSM R, see below Sect. 4.4.1. Arguing that the reference
contained in Article 4(3) refers only to “organizational matters”, Lamandini (2015), pp. 122–123.
84
This issue is further analysed in Sect. 6.3.3.
85
Recital (66) and (75) SSM R.
and hold permanent voting rights in the Governing Council for all their mandate.86
The attribution of voting rights among national Governors is quite complicated.
According to the Treaties, as soon as the number of Euro-area countries exceeded
18, a rotation voting system shall be implemented; a situation which occurred in
2015, when Lithuania acceded to the Euro.87 Consequently, participating States are
divided into two groups depending on their economies and financial sectors’ size.
Following such ranking, which shall be reviewed at least every 5 years, Governors
have been grouped: A first group of five (currently representing DE, FR, IT, ES and
NL) share four voting rights; all the other Governors share 11 voting rights. Within
each group votes are exercised in monthly turns. Daily management of the SSM is
then exercised by a special body, internal to the ECB, called Supervisory Board
(SB).88 The Board is composed of a Chair, with a non-renewable mandate of 5 years,
a vice-chair, chosen from among the members of the Executive Board, four ECB
representatives and one NCA representative for each participating Member State.89
SSM supervisory tasks are paid through annual fees charged upon the controlled
credit institutions established in the participating Member States.90
The new supervisory functions shall be exercised independently from the mon-
etary functions of the ECB. However, having chosen for a model in which banking
supervision and monetary policy are reunited in the same institution, and, above all,
since the TFEU was not modified for the establishment of the Single Supervisory
Mechanism, the latter has not been equipped with its own decision-making body.
This led to the current situation, in which supervisory legally binding decisions can
be issued only by the ECB decision-making bodies, and in particular, according to
the SSM Regulations, by the Governing Council.91
The relation between the Supervisory Board and the Governing Council is regu-
lated by what goes under the name of “non-objection procedure”, provided for by
Article 26(8) SSM R. In this model, it is only the Supervisory Board (SB) which
drafts the content of supervisory decisions. Once notified to the Governing Council,
SB drafts are to be considered approved, unless the Council opposes in writing
within a period not exceeding a maximum of ten working days. The Governing
Council may oppose the draft decision on its own initiative, or following an objec-
tion presented by a Member State which is participating to the SSM but whose cur-
86
Article 11, Statute of the European System of Central Banks (ESCB) and of the European Central
Bank, to date Protocol No 4 to the TFEU.
87
Article 10(2), Statute of the ESCB and of the ECB. The original decision provided for the mecha-
nism to be enforced when there were more than 15 Euro area countries, but the option to postpone
that until they reach the number of 18 has been used.
88
On the relationship between the SB and the Governing Council due to the (not-amended) Treaty
legal basis, see Ter Kuile et al. (2015), p. 174 et seq.
89
The Board is operational since the approval of the Decision of the European Central Bank of
6.02.2014 on the appointment of representatives of the European Central Bank to the Supervisory
Board (ECB/2014/4). From April 2014, the activity of the Board is also regulated by the Rules of
procedure of the Supervisory Board of the European Central Bank of 31.03.2014.
90
Cf. Recitals (77)-(78) SSM R.
91
For a critical evaluation of this structure in terms of independence, see Sects. 6.1 and 6.1.1.
rency is not the euro.92 In both cases, where there is a contrast between the positions
of the Governing Council and the Supervisory Board, another newly established
body, called Mediation Panel, takes the final decision, possibly achieving a
balance.93
The Panel, especially entrusted with the task of preserving the independence of
the supervision from the influence of the financial policy, and preventing conflicts
of interests within the same ECB, is composed of one member per participating
Member State, appointed at national level.94
4.4.1 SSM Supervisory Powers
Several are the prerogatives which the Single Supervisory Mechanism may exercise
in carrying out its functions, a first relevant set of which goes under the name of
“supervisory powers”. In the intention of the SSM Regulations, these powers shall
aim at ensuring the compliance of credit institutions, financial holding companies or
mixed financial holding companies with the prudential requirements established in
CRR/CRR II and CRD IV/V.
To achieve so, supervisory powers allow the SSM to intervene in the manage-
ment of a bank and address specific critical circumstances, provided for by Article
4(1) and (2) SSM R: For instance, if the bank is found in breach, or is likely to
breach, prudential requirements; during the assessment over management’s fit and
proper, or while conducting stress tests; and in cases where early intervention might
be needed.95 “Common procedures” under Articles 14 and 15, as illustrated above,96
also represent special circumstances in which such oversight powers may be
exercised.
If the SSM, and especially the Joint Supervisory Team in charge for the daily
supervision of a specific credit institutions, reckons one or more of these situations
emerge, supervisory measures may be applied following the non-objection
procedure.
92
The option of participating to the SSM even without having accessed to the Euro is provided for
by Articles 7(8) and 26 SSM R, but has not been implemented by any EU Member State yet, on the
issue see, e.g., Dumitrescu (2017), p. 1.
93
Recital (76) SSM R, and Article 25§ 5 SSM FR. From June 2014, the Panel’s composition and
powers are provided for by Articles 3–4, Regulation (EU) No 673/2014 of the European Central
Bank of 2.06.2014 concerning the establishment of a Mediation Panel and its Rules of Procedure
(ECB/2014/26).
94
Cf. also Decision of the European Central Bank of 17.09.2014 on the implementation of separa-
tion between the monetary policy and supervision functions of the European Central Bank
(ECB/2014/39).
95
Article 4(2) extends the SSM competence for the same cases also to branches of credit institu-
tions belonging to non-participating Member States, located in participating Member States.
96
Cf. above Sect. 4.4.
In particular, Article 16(2) SSM R recognizes the ECB a number of supervisory

powers, including requiring credit institutions to: Hold own fund in excess of the
capital requirements and strengthen own funds (let. a, h); strengthen internal pro-
cesses and strategies (e.g. governance, variable remuneration, let. b, c, g); and
restrict or limit business and risk activities (let. d, e, f). The SSM may also restrict
or prohibit distributions to shareholders (let. i); impose specific liquidity and report-
ing requirements (let. k, j); impose higher requirements for capital buffers, and
apply more stringent measures aimed at addressing systemic or macroprudential
risks97; require additional disclosures (let. l); and remove at any time unsuitable
members from the management bodies in case of non-compliance with the due
requirements set out by CRD IV–V (let. m).
While most of these supervisory powers were already available in the EU legal
framework thanks to Article 104 CRD IV, the discretion of removing of manage-
ment bodies represents a newness of the SSM Regulation, and a power especially
relevant in the assessment of the substantial nature of the measures applicable by the
Mechanism, as will be discussed further.98 In its structure, Article 16 SSM R reveals
the lack of clear distinguishing criteria between “supervisory” and “sanctioning”
powers under Article 18 SSM R (as will be further illustrated in the following para-
graph). Breaches of prudential CRR requirements, for instance, may in principle
trigger the application of both measures, with the only difference that powers estab-
lished by Article 16 refer to measures to be taken by credit institutions «at an early
stage», while no such a specification may be found in Article 18 SSM R.
In this sense, it could be argued a fortiori, by means of interpretation, that sanc-
tions shall be imposed in case of breaches at an “advanced” (i.e. basically irrecover-
able) stage. It clearly appears, however, that the margin of discretion conferred to
the bodies in charge of daily supervisions (Joint Supervisory Teams) in concrete
assessments remains scarcely controllable by the affected parties in lack of specific
statutory parameters, with potentially adverse consequences in terms of fair trial
safeguards.99
Moreover, in accordance with Article 9(1) SSM R, to carry out its supervisory
functions the SSM may also exercise all the other powers conferred to national
authorities at the national level by relevant Union law (such as early intervention
measures). To apply this option, the SSM may send instructions to the NCAs,
requiring them to make use of their powers, in accordance with the conditions set
out in national law.
The use of the wording “instruction”—that is not present as it will be illustrated
hereinafter, in Article 18(5) SSM R100—suggests that NCAs do not enjoy discretion
in executing the request of the SSM to make use of such powers, even though such
97
This power is provided by Article 5(2) SSM R.
98
Cf. Sect. 6.2.
99
Cf., if you wish, Lasagni (2019).
100
Cf. below, Sect. 4.4.2.
acts are adopted under national law.101 Therefore, according to Article 9(1) SSM R
the ECB is “indirectly” entitled to apply national law.
This hypothesis might result even more critical, in the general balance of powers
within the EU, than that established by Article 4(3) mentioned above, according to
which the ECB is entitled to directly apply national law,102 especially, as will be
further debated, with regard to the definition of the standing before the Court of
Justice.103 Indeed, have, the “national law” that the ECB is (indirectly, but with bind-
ing effects) instructing the competent national authorities to apply is not limited
only to substantive law, but seems to cover—given the reference in Article 9(1)
SSM R to the “powers” available to the latter “under and in accordance with the
conditions set out in national law”—procedural law as well.
This case represents therefore an example of the so-called “composite proce-
dures”, in which EU and national authorities both participate, in different but com-
plementary phases, to the same proceeding, and contribute to the decision issued as
its result.104
Such procedures are rather common in the EU legal framework, where “harmo-
nization of procedural law is undertaken not systematically but in bits and pieces
throughout the regulation of various substantive law provisions”,105 and result par-
ticularly challenging to analyse, especially (for what is relevant to this work) with
regard to the definition of clear standards for judicial review (i.e. who is the author-
ity competent for judicial review, what is the scope of the review). These cases,
which involve several stages before the institution arrives to a final decision, include
also those where national authorities contribute to an EU administrative procedure.
In these contexts, according to the applicable CJEU case-law, while intermedi-
ate, merely interlocutory steps cannot be separately reviewed,106 measures that defi-
101
Comparing it to the same binding force of close cooperation, Lackhoff (2017), p. 37.
102
103
Cf. Sect. 6.3.3.
104
Composite procedures are “multiple-step procedures with input from administrative actors from
different jurisdictions, cooperating either vertically between EU institutions and bodies and
Member States’ institutions and bodies, or horizontally between various Member State institutions
and bodies or in triangular procedures with different Member State and EU institutions and bodies
involved. The final acts or decisions will then be issued by a Member State or an EU institution or
body but are based on procedures with more or less formalized input from different levels.
Procedural integration of administrations in the EU creates a network structure. These networks
jointly generate and share information. Such joint generation and exchange of information is the
backbone of cooperation within integrated administration”, cf. Hofmann (2009), p. 136.
105
Hofmann (2009), p. 137, and 139: “Composite procedural elements exist for example in the area
of technical safety, product safety, and standardization and technical norms, the procedures leading
to the admission of medical products and genetically modified organisms, regulation of telecom-
munication, public procurement, asylum procedures, and the fight against money laundering”.
106
Unless in cases where the preliminary acts were “themselves the culmination of a special proce-
dure distinct” from the main one and “which produce a binding legal effect, such as to affect the
interests of an applicant by bringing about a distinct change in his legal position”, cf. Akzo Nobel
Chemicals et o. v Commission, Joined cases T-125/03 and T-253/03, 17.09.2007, ECLI:EU:T:2007:
287, § 45.
nitely lay down the position of the EU decision-making body in the conclusion of
that procedure are considered reviewable acts before the Court in Luxembourg.107 In
such cases, moreover, following the jurisprudence set by Foto-Frost, the validity of
EU acts shall be assessed exclusively by the Court of Justice, which is in the best
position to decide so, due to the fact that national courts could not directly annul EU
acts (like ECB decisions), even when EU institutions apply national law (for achiev-
ing this result, it would be necessary for national courts to make a preliminary refer-
ence to the Court of Justice).108
On the other side, in those cases where the EU merely takes notice of a decision,
that produces legal effects (also) at the EU level, but is substantially assessed by a
national authority, such decision could be reviewed only before the national
courts.109
Against this general background, procedures like that of Article 9(1) SSM R, in
which (at least apparently) national competent authorities lack of discretion in
enforcing the ECB instructions, seem to fall under the scope of review of the Court
of Justice.110 In such cases, however, the decisions at stake are not formally issued
by the ECB, but by a national authority.
Granting a review before the Court of Justice, therefore, would imply extending
the scope of review of the CJEU not only upon national law, but also upon legal acts
adopted by national authorities: A step which, as it will be further argued, might
even jeopardise the very mechanism of preliminary ruling.111
4.4.2 SSM Sanctioning Powers
In addition to supervisory measures, the SSM enjoys also proper administrative (at
leas on paper) sanctioning powers which, according to Article 18(3) SSM R and in
line with the CJEU jurisprudence since the renowned Greek Maize case,112 shall
enable the ECB to impose effective, proportionate and dissuasive penalties.113
107
International Business Machines Corporation v Commission of the European Communities,
Case 60/81, 11.11.1981, ECLI:EU:C:1981:264, § 10; Carl Kühne GmbH & Co. KG and Others v
Jütro Konservenfabrik GmbH & Co. KG, Case C-269/99, 6.12.2001, ECLI:EU:C:2001: 659, § 58.
108
Foto-Frost v Hauptzollamt Lübeck-Ost., Case 314/85, 22.10.1987, ECLI:EU:C:1987:452, §§
17–20.
109
Cf., e.g., Oleificio Borelli SpA v Commission of the European Communities, Case C-97/91,
3.12.1992, ECLI:EU:C:1992:491, §§ 9–13; Jean-Marie Le Pen v European Parliament, Case
C-208/03 P, 7.07.2005, ECLI:EU:C:2005:429, § 50; Emerald Meats Ltd v Commission of the
European Communities, Joined cases C-106/90, C-317/90 and C-129/91, 20.01.1993,
ECLI:EU:C:1993:19, § 40. For an analysis of judicial review (also) in composite procedures, see
Türk (2009), pp. 223–224.
110
Even though doubts may arise in light of the Plaumann admissibility test cf. Sect. 6.3.2.
111
Cf. Sect. 6.3.3.
112
Commission of the European Communities v Hellenic Republic, § 24.
113
Following a 2010 Commission’s Communication on the issue, sanctions are effective whether
they are “capable of ensuring compliance with EU law, proportionate when they adequately reflect
As recalled by Recital (53) SSM R, however, the SSM may impose penalties
only upon legal entities (credit institutions, financial holding companies or mixed
financial holding companies); natural persons, which might also be implicated in
breaches of banking regulations, may be held liable for their conducts only at the
domestic level, following the applicable national law.
According to Article 18 SSM R, there are three broad categories of breaches which
the SSM may spot during its supervisory activity; for two of which, the Mechanism
may directly impose penalties114 upon credit institutions.
A first area in which the SSM exercises direct sanctioning powers is provided for
by Article 18(1) SSM R, that refers to the cases in which banks breach “a require-
ment under relevant directly applicable acts of Union law in relation to which
administrative pecuniary penalties shall be made available to competent authorities
under the relevant Union law”. Within this provision, the expression “directly appli-
cable acts of Union law” has been interpreted as a reference to the EU Regulations,
and in particular, at least so far, to Regulation 575/2013 (CRR).
This hypothesis contains however also an indirect reference to national legisla-
tion. Indeed, according to Article 4(3) SSM R, where regulations, as it is the case of
many provisions of the CRR, grant “options and discretions” to Member States, the
SSM may also apply national legislation exercising those options.115
More controversial appears instead the reference (only) to penalties that “shall be
made available to competent authorities under the relevant Union law”. A first way
to interpret this expression would be that of limiting the ECB sanctioning powers
only to those effectively provided for by national legislation while transposing EU
law (mainly, CRD IV–V). This option, however, seems to leave too much discretion
to Member States, that could impair the functioning of the supranational regulator
the gravity of the violation and do not go beyond what is necessary for the objectives pursued, and
dissuasive when they are sufficiently serious to deter the authors of violations from repeating the
same offence, and other potential offenders from committing such violations”, cf. Communication
from the Commission to the European Parliament, the Council, the European Economic and Social
Committee and the Committee of the Regions, Reinforcing sanctioning regimes in the financial
services sector, Brussels, 8 December 2010 COM(2010) 716 final. Within these general parame-
ters, the concrete assessment over the “gravity of the violation” and the consistency of the penalty
with the “objective pursued” is then referred to the discretion of the competent authority.
114
Cf., e.g., ECB, Explanatory Memorandum, Recommendation for a Council Regulation (EC) No
2532/98 concerning the powers of the European Central Bank to impose sanctions, ECB/2014/19,
Frankfurt, 16.04.2014. https://www.ecb.europa.eu/ecb/legal/pdf/celex_52014hb0019_en_txt.pdf.
115
Options refer to situations where competent authorities or Member States may choose how to
comply with a certain provision selecting from a range of alternatives established in the legislation;
Discretions indicates the situation in which competent authorities or Member States may choose
whether to apply or not a given EU provision. Examples of O&D may be found in Articles 7, 8 and
89(3) CRR. On the extension of the possibility to apply national law in these circumstances, see
Lamandini (2015), p. 122, reporting how, according to a certain line of reasoning, “if the ECB
were empowered to exercise NCAs’ options, it is argued that this would be done for significant
credit institutions only and “this would jeopardize the level playing field” in each Member State
because the ECB and the NCA could exercise the options and discretions differently for significant
and less significant credit institutions””.
simply not transposing or incorrectly transposing EU law (also taking into account
the timing and political discretion in triggering the infringement procedure).
Excluded this hypothesis, it still remains controversial, even after the approval of
CRD V, whether Article 18 SSM R refers only to the measures indicated by Article
66 and 67 CRD IV–V, that include a broad, but still selected list of the potential
breaches of CRR, or whether Member States should be bound by this Directive to
sanction every possible violation of CRR and CRD IV. This last option could be
supported by the wording of Article 65 CRD IV–V (according to which “Member
States shall lay down rules on administrative penalties and other administrative
measures in respect of breaches of national provisions transposing this Directive
and of Regulation (EU) No 575/2013 and shall take all measures necessary to ensure
that they are implemented”). However, it appears dubious that this rather vague
provision could represent an adequate legal basis to ground a sanctioning power
able to directly affect private individuals, especially in light of the rule of law
principle.116
In case a breach under Article 18(1) SSM R is assessed, the SSM may impose
pecuniary penalties on credit institutions “of up to twice the amount of the profits
gained or losses avoided because of the breach where those can be determined, or
up to 10% of the total annual turnover […] of a legal person in the preceding busi-
ness year”.117 Where the sanctioned entity is a subsidiary of a parent undertaking,
the percentage is going to be calculated on a consolidated basis.118
SSM Regulations do not define precisely whether the ECB may impose sanc-
tions over all banking institutions, or only upon those which are under its direct
supervision, and the scholars are divided on the matter.119
Due to a discrepancy between the wordings of Article 6 and Article 18 SSM R,
on this point the Regulations may be interpreted in two different, opposite ways,
both theoretically in compliance with the text, and with BCBS Core Principles 1
and 11.120
According to Article 6 SSM R,121 ECB’s competence is circumscribed to “sig-
nificant” supervised entities; this approach is also in line with Article 124(1)(a)
SSM FR which, regarding to Article 18(1), specifies that the SSM shall be referred
breaches committed by “significant” supervised entities. Nonetheless, the “signifi-
cance” criterion is not mentioned in Article 18 SSM R, which refers to all credit
116
Cf. Allegrezza (2019), p. 32.
117
Recitals (36)-(53) and Article 18(1), SSM R; Recital (24) and Articles 120, 122, 129, 130–132
SSM FR.
118
“The relevant gross income shall be the gross income resulting from the consolidated account of
the ultimate parent undertaking in the preceding business year” cf. Article 67(2), let. g, CRD IV,
and Article 18(2) SSM R.
119
On these aspects cf. Lackhoff (2013), p. 454. In favour of an extended application of Article 18,
see Looseveld (2013b), p. 423; contrary Allegrezza and Voordeckers (2015), p. 156. For the Basel
Core Principles, see above, Sect. 3.5.
120
On these interpretations, see D’Ambrosio (2013), pp. 31–32.
121
institutions, financial holding companies, or mixed financial holding companies

which “intentionally or negligently, breach a requirement” of relevant EU law.122
To solve this ambiguity, it can be useful to rely on a systematic interpretation of
the ECB new supervisory powers, in light of the provisions of the TFEU which
identifies the main objectives of the European Central Bank. Indeed, it is worth
reminding that, due to political reasons, the establishment of the SSM was not
accompanied by a reform of the Treaties: Therefore, the new Mechanism had to
(struggle to) find proper legal basis in the pre-existing legal framework. Such legal
basis was identified in Article 127(6) TFEU, which contemplates the possibility for
the Council to unanimously “confer specific tasks upon the European Central Bank
concerning policies relating to the prudential supervision of credit institutions and
other financial institutions with the exception of insurance undertakings” [italics
added].
Literally interpreted, this provision could even challenge the very legitimacy of
the SSM creation123: Realistically the Mechanism could hardly be described as a
mere addition of specific tasks to the ECB, considering that banking supervision
brought to the development of a whole new legal framework, and to the establish-
ment from scratch of a proper “institution” equipped with its own budget, building
and personnel, which shall exercise its tasks independently from the ECB monetary
functions.124
Even without embracing such an extreme approach, whose analysis goes beyond
the remit of this work what can be inferred from Article 127(6) TFUE is a clear
preference in adopting a cautious (not to say restrictive) interpretation when it
comes to define the scope of newly established ECB functions, at least where the
statutes leave rooms for ambiguity.125
Hence, the option that limits the SSM sanctioning powers only to “significant”
credit institutions appears more grounded from a systematic point of view; from
122
Cf. Article 18(1) SSM R.
123
Raising the issues, among others, Wolfers and Voland (2014), p. 1486.
124
On this point see, e.g., Randell (2013), pp. 39–67.
125
Supporting a restrictive approach in the interpretation see e.g., Kern (2015), pp. 167–168,
according to “The limited competence of the ECB to act as a bank supervisor under art. 127(6)
therefore would preclude it from engaging in any supervisory activities directed at the broader
financial system, including, for instance, the wholesale debt securities markets or bank resolution
and restructuring. This means that the ECB would not have the competence to oversee the shadow
banking market, which was a source of systemic risk that caused the global banking crisis of 2007-
09. Moreover, it would not have the competence to put a credit institution (which it had the com-
petence to supervise) into resolution, nor could it exercise resolution powers, such as transferring
the assets of a distressed bank to a private purchaser, or transfer a distressed bank’s assets to a
bridge bank, nor even take legal measures to co-ordinate with resolution authorities. The narrow
supervisory competence allocated to the ECB under art.127(6) suggests that the ECB would be
acting ultra vires if it took broader macro-prudential supervisory measures that go beyond the
micro-prudential supervision of individual credit institutions and financial institutions”.
Highlighting the limits of Article 127(5) and (6) TFEU also Antoniazzi (2013), p. 145 et seq., and
especially pp. 148–151 and 171. Supporting a broader interpretation of Article 127(6) TFEU see
Ter Kuile et al. (2015), p. 162.
which it follows that sanctions addressing “less significant” credit institutions, also
for violations of directly applicable EU law, should be imposed only at national
level (by NCAs).
Different consideration shall be drawn instead for the second case in which the
SSM enjoys direct sanctioning powers. Established by Article 18(7) SSM R, this
provision refers to the situation in which banks fail to fulfil an obligation arising
from ECB regulations or supervisory decisions, or otherwise obstruct the perfor-
mance of SSM investigations.126 In particular, when the breaching is “continuing”,
the ECB may impose a periodic penalty payment with a view to compelling the
persons concerned to comply with the infringed regulation or supervisory
decision.
This case founds its legal basis in Regulation (EC) No 2532/98 (recalled by
Article 18(7) SSM R), a piece of legislation pre-existing to the establishment of the
SSM, and adopted in the context of the ECB’s monetary policy.127 Two are the type
of sanctions imposable under this statute: Fines and, when the breaching is “con-
tinuing”, periodic penalty payments aiming at compelling the persons concerned to
comply with the infringed regulation or supervisory decision. In determining
whether and which sanction to impose, the ECB shall be guided by the principle of
proportionality. Circumstances of the specific case shall be taken into account,
including: (a) good faith and degree of openness of the credit institution in the inter-
pretation and fulfilment of its obligations; (b) degree of diligence and cooperation
shown by the credit institution; (c) any evidence of willful deceit on the part of
officials of the bank; (d) the seriousness of the effects of the infringement; (e) the
repetition, frequency or duration of the infringement; (f) the profits obtained by
reason of the infringement; (g) the economic size of the credit institution; and (h)
prior sanctions imposed by other authorities on the same credit institution and based
on the same facts.128
Moreover, in light of Articles 129 SSM FR, periodic penalty payments shall be
effective, proportionate, and calculated for each day of infringement until the per-
son concerned complies (starting from the date stipulated in the decision imposing
the periodic penalty payment, and for a period no longer than 6 months).
Upper limits for such payments are established in Regulation 2532/98 (as
amended in 2015). Article 4a in particular of this Regulation (as amended in 2015)
allows the ECB to impose fines of up to twice the amount of the profits gained or
losses avoided because of the infringement, or 10% of the total annual turnover of
the undertaking; or to apply periodic penalty payments of 5% of the average daily
turnover per day of infringement to obtain the cease and desist of the obstructing
conduct.129
126
Cf. Article 129 and 143(2)(b) SSM FR.
127
Council Regulation (EC) No 2532/98 of 23.11.1998 concerning the powers of the European
Central Bank to impose sanctions, as amended by Council Regulation (EU) 2015/159 of
27.01.2015.
128
Cf. Article 2(3) Regulation (EC) No 2532/98.
129
Cf. Article 4(a), Council Regulation (EU) 2015/159. Cf. also Looseveld (2013b), pp. 423–425.
In these cases, it does not matter whether the bank is “significant” or “less sig-
nificant”: As soon as a credit institution is the addressee of an ECB regulation or
decision, it becomes liable before the Central Bank for any infringement of the
obligations there prescribed.
Besides for direct sanctioning powers, the SSM enjoys indirect sanctioning pow-
ers as provided for by Article 18(5) SSM R. This is the case in which, carrying out
its supervisory tasks according to the SSM Regulation, the ECB believes credit
institutions, financial holding companies or mixed financial holding companies to
be in violation of requirements which fall out of its direct scope of supervision.
Article 18(5) SSM R, therefore, covers the cases of: (i) Breaches of CRR/CRR II
requirements or other EU directly applicable law, that are attributed to a natural
person (members of the management board, as well as by “any other individuals
who under national law are responsible for a breach by a credit institution, financial
holding company or mixed financial holding company”); (ii) breaches of CRR
requirements or other EU directly applicable law, that are sanctioned with a non-
pecuniary penalties; (iii) breaches deriving from the violation of national legislation
implementing EU directives, or of national legislation conferring specific powers to
the NCAs which are not deriving from EU law.130
In all these situations, the ECB cannot directly impose sanctions, but may ask to
the NCAs to do so. When it comes to significant credit institutions, NCAs shall open
proceedings only at the ECB’s request; but they may also ask the ECB to be
requested to do so. Contrary to Article 9 SSM R examined above,131 since Article
18(5) SSM R does not contain any reference to the power of the ECB to issue
“instruction” (“the ECB may require”), it can be argued that here NCAs enjoy full
discretion in carrying out investigations on the alleged breaches, and in deciding if
and which sanctions to apply. Such discretion may be confirmed also by Article
134(3) SSM FR, according to which NCAs are only subject to the obligation of
starting a proceeding, and to “notify the ECB of the completion of a penalty proce-
dure initiated at the request of the ECB pursuant to paragraph” and “of the penalties
imposed, if any” (italics added).132
If NCAs opt for the application of a sanction, the latter, either pecuniary and non-
pecuniary, shall be effective, proportionate and dissuasive, in compliance with the
standards applicable in all EU punitive law. Ensuring proportionality in the sanc-
tioning throughout the Eurozone, however, may result especially critical with
respect to cases in which the substantial legal basis of the breach is represented by
a directive.
The dependency of these SSM indirect sanctioning powers on national transposi-
tions of EU law, in fact, opens the floor to high risks of variable inefficiency. Member
States, for instance, may not timely transpose a directive, or as, in case of CRD
IV—already implemented at national level in all EU.
130
See Article 134 SSM FR.
131
See above, Sect. 4.4.1.
132
Cf. Allegrezza and Voordeckers (2015), p. 157.
Member States—transpose it incorrectly, for instance not including in national

legislation all the violation cases provided for by Articles 66 and 67 CRD IV, or
limiting the maximum amount of sanctions for certain breaches (as in IE).133
In these cases, the SSM could be impaired in enforcing its single supervisory
oversight, as for the same breach, sanctioning powers could be not equally available
in all the euro zone countries.
It should also be underlined that according to Article 65 CRD IV/V, rather than
introducing in their national systems the administrative penalties listed in Articles
66 and 67 CRD IV/V Member States may also decide to criminalize the violation of
prudential requirements, with the only obligation to “communicate to the
Commission the relevant criminal law provisions”134 (this option is possible, of
course, only in those countries where legal persons are subject to some form of
criminal liability135).
Lastly, among the SSM sanctioning powers it should be recalled the provision of
Article 18(6) SSM R, that, similarly to Article 68 CRD IV/V, establishes a “naming
and shaming” sanction, according to which the ECB shall publish any penalty
imposed under Article 18(1). The same regime applies, thanks to Article 1a(3),
Regulation No 2532/98, also to sanctions imposed under Article 18(7) SSM R136.
Differently from CRD IV/V,137 the latter publication duty concerns sanctions
irrespective of whether they have been appealed or not. However as will be further
analysed, those sanctioning powers still have to respect “the conditions set out in
relevant Union law” as well as the duty to anonymize publications in the cases indi-
cated in the same Regulation.138 Under this profile, however, it is worth recalling
that, to date, none of the penalties imposed upon credit institutions has been entirely
disclosed on the SSM website yet, and summaries of the decisions imposing a sanc-
tion had been published only at the conclusion of the procedure of internal control
before the Administrative Board of Review.139
The imposition of administrative penalties is subject to a limitation period of
5 years, running from the day in which the breach has been committed, or, in case
of on-going or repeated breaches, from when it ceases. According to Article 130
SSM FR and Article 4c Regulation 2532/98, such limitation period may be inter-
133
Lasagni and Rodopoulos (2019), § 2.2. The same principle of proportionality, in this context,
seems to apply in the meaning giving to it at the national level, cf. Allegrezza and Rodopoulos
(2017).
134
135
Cf. Sect. 2.2. Although so far this profile presents more a theoretical than a practical impact, as
none of the Member States has made this choice during the transposition of the Directive. Cf.
Lasagni and Rodopoulos (2019).
136
Cf. Lamandini et al. (2015), 78, noting how nothing is said in the SSM legal framework con-
cerning the publication of other, still relevant decisions, e.g. investigative measure, leaving—in
lack of guidelines on the matter—full discretion to the ECB on whether to publish such decisions
or not.
137
138
For implications in view of the presumption of innocence, see Sect. 6.3.5.
139
For a list of the penalties already imposed by the SSM, cf. Sect. 6.3.3.
rupted by investigative or other procedural actions undertaken by the ECB, every

time running afresh. However, as a maximum limit, the limitation period shall not
exceed a term equal to twice its duration—taking into account in such calculation
also the period(s) of time in which the limitation period shall be suspended due to
the pending of criminal proceedings against the supervised entity in connection
with the same facts investigated by the ECB. The limitation period shall also be
suspended for any period during which the ECB decision is subject to review before
the ABoR or the CJEU. However, the possibility to extend the maximum limit
(10 years) taking into account also these suspensions has been explicitly envisaged
in the current legal framework only with regard to Regulation 2532/98, that is to say
with regard to penalties imposed under Article 18(7) SSM R.140
In this sense, it is not clear, also in light of the coordination criteria indicated by
Article 6 of the same Regulation (which refers only to “Council Regulation” and
ECB regulation to specify sanctions that “may be imposed in accordance with”
Regulation 2532) which regime should apply to the penalties imposed under Article
18(7) SSM R.
According to Articles 131 SSM FR and 4c(4)-(5) Regulation 2532/98, a similar
limitation period of 5 years applies for the ECB right to enforce a decision imposing
an administrative sanction.
4.4.3 SSM Investigations and Procedures
In case suspicious breaches emerge while carrying out the SSM supervisory tasks,
the ECB shall allocate the investigation to an internal Investigating Unit, which
“shall perform its function independently”.141 According to the SSM Framework
Regulation, the procedure involving the Investigating Unit applies with regard to
direct sanctions under Article 18(1) and fines under 18(7) SSM R, as well as indirect
sanctions under Article 18(5) SSM R, but not to periodic penalty payments ex
Article 18(7) SSM R.142
The reporting of breaches may come from different sources: From one side, it
could originate within the ECB itself, and in particular from the Joint Supervisory
Teams,143 which, carrying out the daily supervision of significant financial institu-
tions, are in an optimal position to notice the existence of irregularities in the man-
agement of banks. On the other side, the SSM reporting system also provides for a
whistle-blower program, to allow potentially relevant information to get to the ECB
also from third parties (presumably, credit institutions’ employees). This program
140
As Article 130(3) SSM FR refers only to the suspensions due to pending criminal proceedings
(para 5) and not to the appeal proceedings before the ABoR or CJEU (para 4); cf. on the contrary
Article 4c(3) Reg. 2532/98.
141
Article 123 and 124 SSM FR.
142
Cf. Title 2 and Title 3 of Part X SSM FR.
143
See also above, paras 4 and 4.1.
guarantees the protection of the identities of persons providing information, unless

such disclosure is required by a court order in the context of further investigations
or subsequent judicial proceedings.144
The powers of the Investigating Unit are those typical of banking supervisors,
also in light of the Basel Core Principles, and include the faculty to request credit
institution for information and for the submission of documents; to examine and
copy books and records; and the right to obtain written or oral explanations from
informed subjects.145
On-site inspections are also coming under the prerogatives of the Unit, but the
SSM investigators may be required to previously obtain a judicial authorization, if
so requested by the national applicable law (which is not the case in most of the
Eurozone Member States).146 These inspections shall be carried out by a designated
team established on purpose.147 While in principle the ECB has to previously notify
the competent NCA and the interested legal person of the upcoming on-site inspec-
tion, the Central Bank may also proceed without informing the legal entity involved
if “the proper conduct and efficiency of the inspection so require”.148
According to Article 22 SSM R, the ECB “should be bound in its decision-
making procedures by Union rules and general principles on due process and
transparency”.149 Besides the theoretical affirmation of this principle however, as
will be further discussed, the adequacy of the SSM procedural rules in safeguarding
the fundamental rights of the parties involved, and guaranteeing fairness in the
proceedings, represents a very critical issue in the analysis of the powers of the
Single Supervisory Mechanism.150
If evidence of facts potentially relevant to criminal offences emerges during
supervisory investigations, the SSM cannot refer it directly to the judicial authori-
ties, but, according to Article 136 SSM FR, it shall request the competent NCA to
do so in accordance with national law.151
If a breach is assessed after the investigation has been completed, Article 126
SSM FR requires the Investigating Unit to notify a Statement of Objections to the
supervised entity, containing the factual result of the investigations, and the objec-
tions raised against the entity as set out therein, including the individual provisions
144
Article 36–38 SSM FR.
145
Articles 10, 11 SSM R; Article 125 SSM FR. Analysing the rights of the parties in light of the
ECtHR case-law, Sects. 6.3.4 and 6.3.5. For the Basel Core Principles, Sect. 3.5.
146
Articles 12–13 SSM R; Articles 143 to 146 SSM FR. The analysis of the role of national court
in granting such authorisation is carried out in Sect. 6.3.3. Cf. Lasagni and Rodopoulos (2019,
forthcoming).
147
Articles 12(1) SSM R and 144(1) SSM FR.
148
Article 145(2) SSM FR.
149
Cf. Recitals (52)-(54)-(58)-(86) and Article 22 SSM R; Articles 22 to 32 SSM FR.
150
Cf. below Chap. 6.
151
Article 136 SSM FR. According to the ECB (2017), p. 40, in 2016 “one request was submitted
[…] to the relevant NCA and four other sets of facts were under consideration at year-end 2016”;
according to the ECB (2018), p. 79, “Five such requests were submitted to the relevant NCAs in
2017”. This reporting mechanism is further analysed in Sect. 6.1.3.
which have been allegedly infringed, and, if the Unit deems it necessary, an invita-
tion to attend an oral hearing. The credit institution shall also be informed that,
within a “reasonable time limit” established in the same Statement, parties have the
right to make submissions in writing against the Statement.152
If, regardless of the credit institution’s submission, the Unit still considers that a
breach has been committed, it can trigger the sanctioning mechanism.
The SSM may impose sanctions upon credit institutions through a complex pro-
ceeding, which starts with the Investigating Unit submitting a draft decision to the
Supervisory Board, together with the file of the investigation.153 Following that sub-
mission, the Board may discretionally decide to request further investigation, to
close the case, or, if it agrees with the conclusions reported, to further submit the
decision to the Governing Council through the “non-objection procedure”. This
non-objection procedure applies also in case the ECB wants to apply a period pen-
alty payment according to Article 18(7) SSM R.154 Once a sanction is approved by
the Governing Council, SSM Regulations allow the affected credit institutions to
challenge the decision before an internal “independent” body, the Administrative
Board of Review (ABoR).155 The same possibility to bring action before the ABoR
applies also against decisions imposing periodic penalty payments under Article
18(7) SSM R, which do not require the intervention of the Investigating Unit (but
that nonetheless recognizes the general due process rights established by Articles
25–35 SSM FR for supervisory decisions).
According to Article 24(6) SSM R, requests for review shall be lodged within 1
month of the date of notification of the decision, or in its absence, of the day of its
effective knowledge. Unless differently disposed for the single case,156 the request
does not have a suspensory effect.
Being applicable only by the ECB, the sanctions imposed under the SSM direct
competence (Article 18(1) and (7) SSM R) may be challenged only before the
ABoR and/or the European Court of Justice, but not before national courts. On the
contrary, when the sanction is not imposed directly by the SSM but, according to
Article 18(5) SSM R, by NCAs which do enjoy discretion in such proceedings, the
jurisdiction for review falls before national courts.157
152
The relevance of this provision under the right to an oral hearing and to be heard provided for by
Article 6 ECHR is analysed in Sect. 6.3.2.
153
Even if the Regulation does not define which documents shall be contained in the “file of the
investigation”.
154
Article 127 SSM FR; see above Sect. 4.4.
155
Cf. Article 24 SSM R. See also Decision of the European Central Bank of 14.04.2014 concern-
ing the establishment of an Administrative Board of Review and its Operating Rules (ECB/2014/16).
156
Depending on the discretion of the ABoR, which shall made a proposal to the Governing
Council, which decides after having heard the opinion of the Supervisory Board, cf. Article 9(2) of
Decision ECB/2014/16 concerning the establishment of an Administrative Board of Review and its
Operating Rules (“ABoR Decision”). Underlining how the conditions permitting the suspension of
the contested decision seem to be less strict compared to those set by the ECJ under Articles 278
and 279 TFEU, Magliari (2017), p. 116.
157
Cf. Hans-Martin Tillack v Commission of the European Communities, Case T-193/04, 4.10.2006,
Similarly to the Joint Board of Appeal of the ESAs, also the ABoR is part of the
non-judicial or quasi-judicial remedies provided for in the European financial sys-
tem.158 The development of alternative forms of dispute resolution is a trend that
increasingly characterizes several sectors of EU law,159 as well as of the US regula-
tory system,160 with the aim of deflating the workload of the courts, and enhancing
fast, specialised, non-public (especially relevant in case of sensitive interests at
stake), and more flexible tools of protection.161
The analysis of quasi-judicial bodies poses several challenges under a procedural
point of view, as they represent peculiar combinations of features typical of advi-
sory administrative authorities, and of judicial ones; but they do not represent a
uniform category, since such combinations vary depending on the single body at
stake.
In this sense, most of EU quasi-judicial authorities are granted only with func-
tional independence and impartiality, that do not extend to the appointment of their
members, generally selected for their legal and technical expertise by the same
authorities whose decisions they are called to review. Again in very general terms,
the decisions of these bodies are usually binding for the parties involved, and may
cover both the merit and the legitimacy of the decision appealed; asking for such
reviews usually also represents a condition of admissibility for the appal before the
CJEU.162
The ABoR is only partially in line with this paradigm. According to Article 24
SSM R, the Board is formed by five individuals (with a mandate of 5 years, renew-
able only once) with “sufficient experience in the fields of banking and other finan-
cial services”, and that are not part of the ECB personnel.163 Regardless of this
ECLI:EU:T:2006:292. The link between discretion and judicial review is further analysed in Sect.
6.3.3; Voordeckers (2019, forthcoming publication).
158
After the Banking Union reform, the system comprises also the SRM Appeal Panel; for an
analysis of its powers, which goes beyond the remit of this work, see Magliari (2017), p. 121; cf.
also Sciascia (2015), p. 381.
159
Such as the Board of appeal of the Office for Harmonization in the internal market; the Boards
of Appeal within the European Patent Office (Disciplinary Board of Appeal; 28 Technical boards
of appeal; Enlarged Board of Appeal; Legal Board of Appeal); the Board of Appeal of the European
Chemical Agency; the European Aviation Safety Authority (EASA) 14, the European Union
Intellectual Property Office (EUIPO), and the Community Plant Variety Office (CPVO)—European
Data Protection Supervisor. Contrary to other fields of law, however, it has been underlined how
quasi-judicial bodies in the EU financial system cannot “adopt a determination that directly annul
or modify the contested decision”, cf. Magliari (2017), p. 129.
160
For a general analysis see Parona (2017), p. 267 et seq.
161
For a broader analysis of administrative remedies in the EU cf. Marchetti (2017), p. 6: “In par-
ticular, if one considers the last 20 years of the institutional history of the Union, there are no
agencies or authorities authorised to adopt binding individual acts without a board of appeal also
being instituted to examine appeals against their decisions”, and AA.VV. (2018).
162
Cf. e.g. Article 61 of ESAs Regulation, with regard to the Joint Board of Appeal.
163
Currently the members of the ABoR reflect also the above mentioned mixed expertise composi-
tion, as they include five members with legal and economic expertise, even though at the moment
with a clear predominance of the second: Jean-Paul Redouin (Chair), Concetta Brescia Morra
independence requirements, the appointment procedure occurs internally to the

ECB, and depends on the Executive Board, which submits a list of nominations fol-
lowing a public call for interest, and on the Governing Council, that can accept the
list (but not modify it) and thus formally appoints the members.
However, contrary to most of quasi-judicial bodies, and most peculiarly in the
EU legal framework, the opinions expressed by the Administrative Board of Review
do not possess any external binding value.
They shall (only) be taken into account by the Supervisory Board to promptly to
submit a new draft decision replacing the initial one to the Governing Council. Their
effect is then rather to reopen the decision-making procedure, triggering again the
non-objection procedure. In the new draft, however, the Supervisory Board is not
bound to adopt the content of the opinion (although the reasons why it decides to
follow it or not must be stated).
Contrary to the ESAs’ Joint Board of Appeal or the SRB Board of Appeal,164
moreover, bringing action before this body is not a preliminary condition for intro-
ducing an appeal to the Court of Justice. According to Article 24(11) SSM R, in fact,
individuals affected by an ECB decision may freely decide to appeal it only to the
Board, contemporary before the ABoR and the CJEU, or directly (and exclusively)
to the CJEU.165
Due to its not binding external value, ABoR opinions are not published, nor can
be directly appealed before the Court of Justice. However, where a new ECB deci-
sion is issued following the internal administrative review, the latter may be appealed
for annulment before the CJEU within the ordinary 2-month time as established by
Article 263 TFEU.166 In this case, as recently affirmed by the Court in a preliminary
order with specific regard to the ECB supervisory powers, only the last ECB deci-
sion may be challenged before the CJEU, since in this mechanism, the first act is
entirely replaced after the internal administrative review (even if the content might
unchanged).167
(Vice-Chair), Javier Arístegui Yáñez, André Camilleri and Edgar Meister; and two alternates: René
Smits and, since 3 February 2016, Ivan Šramko.
164
Cf. Article 85(8) of Regulation (EU) No 806/2014 of 15.07.2014 establishing uniform rules and
a uniform procedure for the resolution of credit institutions and certain investment firms in the
framework of a Single Resolution Mechanism and a Single Resolution Fund.
165
See also Looseveld (2013a), p. 13.
166
So far, however, out of the 20 proceedings the ABoR dealt with, only few have been reported to
have been brought before the European Court of Justice too, cf. Brescia Morra et al. (2017), p. 574.
167
Order of the General Court of 12.09.2017, ECLI:EU:T:2017:623, in Fursin and Others [former
Trasta Komercbanka and Others] v ECB, T-247/16 (Application of 08/07/2016) and T-698/16
(Application of 11/11/2016), §§ 19–23. The case is also analysed in Sect. 6.3.3.
Mirroring judicial review models,168 the ABoR scope of review is limited to the
examination of the grounds presented by the applicant(s).169 Also similarly to judi-
cial bodies, the standing for the Board’s administrative review is rather broad, as it
allows requests from any natural or legal person which is addressed by an ECB
supervisory decision, or has from it a direct and individual concern.170 Due to its
similarity to Article 263 TFEU, the interpretation of these admissibility require-
ments (like for those of the ESA’s Joint Board of Appeal) follows the jurisprudence
developed for appeals before the CJEU.171 Along the same argument, also the defini-
tion of the term “decision” should be read in light of the CJEU case-law according
to which a “challengeable act” is any measure that definitively determines the posi-
tion of its author upon the conclusion of an administrative procedure, and has bind-
ing legal effects capable of affecting the interests of the applicant.172
According to 24(1) SSM R, however, the review may concern only the proce-
dural and substantive conformity of the decision adopted with the Regulations.173
The ABoR, thus, may exclusively express an opinion on the legitimacy of the
draft decision adopted by the Governing Council, without any competence to ques-
tion its merit. In this, the ABoR appears in line with that CJEU case-law, according
to which the possibility to review “complex economic assessments” is precluded to
judicial bodies, unless the decision appears manifestly wrong, disproportionate or
168
According to “continuity in terms of functions” criterion developed by the CJEU case-law, inter-
nal non-judicial reviewing bodies in principle shall examine the appeal in light of all relevant
information (cf. e.g. Procter & Gamble v European Union Intellectual Property Office, Case
T-163/98, 8.07.1999, ECLI:EU:T:1999:145, §§ 36–38; Procter & Gamble v European Union
Intellectual Property Office, Case T-63/01, 12.12.2002, ECLI:EU:T:2002:317, §§ 20–23; Henkel
KGaA v Office for Harmonisation in the Internal Market (Trade Marks and Designs), Case
T-308/01, 23.09.2003, ECLI:EU:T:2003:241, § 29).
169
According to Article 10 ABoR Decision.
170
Cf. Article 24(5) SSM R.
171
Supporting this opinion, so far followed by the ABoR, also Magliari (2017), p. 113; Witte
(2015), p. 228; Brescia Morra (2016), pp. 117–118. The issues arising from the current interpreta-
tion of such admissibility standards are illustrated, with regard to the ECJ, in Sect. 6.3.3.
172
Cf. United Kingdom v ECB, Case T-496/11, 4.03.2015, ECLI:EU:T:2015:133, § 51 distinguish-
ing “measures which definitively determine the position of their author upon the conclusion of an
administrative procedure, and which are intended to have binding legal effects capable of affecting
the interests of the applicant, that are open to challenge” and those “intermediate measures whose
purpose is to prepare for the final decision, which do not have those effects, or measures which are
mere confirmation of an earlier measure which was not challenged within the prescribed period”
which are not challengeable; French Republic v Commission of the European Communities, Case
C-57/95, 20.03.1997, ECLI:EU:C:1997:164, § 7; Commission of the European Communities v
Council of the European Union, Case C-370/07, 1.01.2009, ECLI:EU:C:2009:590, § 42;
Internationaler Hilfsfonds v Commission, Case C-362/08 P, 26.10.2010, ECLI:EU:C:2010:40, §
52; Athinaïki Techniki v Commission, Case C-521/06 P, 17.07.2008, ECLI:EU:C:2008:422, §§
43–45. From this definition are therefore excluded claims against the ECB’s failure to act, ECB
regulatory acts, and non-binding acts, such as guidelines and recommendations, and merely inter-
nal and preparatory acts, cf. Magliari (2017), pp. 114–115.For standing requirement in the ECB
supervisory proceedings, see Sect. 6.3.2 (Trasta case).
173
Cf. Article 24(1) and Recital (64) SSM R.
References 143
vitiated by misuse of powers.174 Besides for these exceptional cases, therefore, the
Board’s review is therefore limited to the assessment over the compliance with due
process requirements (e.g. whether the statement of reasons was sufficient, or the
facts were correctly reproduced).175
In doing so, due to the “innovative” character of Article 4(3) SSM R, also the
ABoR may be confronted with the need to interpret national law, when the latter is
applied by the ECB, and with all the following critical issues illustrated above with
regard to the CJEU.176
References
AA.VV. (2018) Judicial review in the Banking Union and in the EU financial architecture. Quad
Ricerca Giuridica della Consulenza Legale, Banca d’Italia, 84, June 2018
Allegrezza S (2019) Introduction. In: Allegrezza S (ed) The enforcement dimension of the Single
Supervisory Mechanism (SSM). The interplay between administrative and criminal law.
CEDAM, Milano
Allegrezza S, Rodopoulos I (2017) Interactions between administrative and criminal law in the
context of the enforcement of bank prudential regulations. In: Franssen V, Ligeti K (eds)
Challenges in the field of economic and financial crime in Europe and the US. Hart, Oxford,
pp 233–264
Allegrezza S, Voordeckers O (2015) Investigative and sanctioning powers of the ECB in the frame-
work of the single supervisory mechanism. Mapping the complexity of a new enforcement
model. Eucrim 4:151
Andenæs M (2012) Harmonising and regulating financial markets. In: Andenæs M (ed) Theory
and practice of harmonisation. Edward Elgar, Cheltenham, pp 1–29
Andenæs M (2015b) The ECB and NCA liability within the Single Supervisory Mechanism: fore-
word. Quad Ricerca Giuridica della Consulenza Legale, Banca d’Italia 78:3–6
Antoniazzi S (2013) La Banca centrale europea tra politica monetaria e vigilanza bancaria.
Giappichelli, Torino
174
Cf. Henri de Compte v European Parliament, Case T-26/89, 17.10.1991, ECLI:EU:T:1991:54,
§ 220; Henri de Compte v European Parliament, C-326/91 P, 2.06.1994, ECLI:EU:C:1994:218, §
115; although the doctrine was partially revised in Chalkor v. Commission, C-386/10 P, 8.12.2011,
ECLI:EU:C:2011:815, § 51; Europese Gemeenschap v Otis NV and Others, Case C-199/11, 6.11.
2012, ECLI:EU:C:2012:684, § 47, for further analysis on this point, see Sect. 6.3.3. As underlined
by Magliari (2017), p. 120, “Neither the SSM Regulation nor the ABoR Decision solve the issue
of the simultaneous filing of a claim before the administrative body and the court. Hence the neces-
sity to further examine whether the judicial remedy would prevail, or whether the judicial review
would be considered inadmissible due to the reopening of the administrative procedure, following
the ABoR opinion. This latest solution appears more appropriate, as the proposition of the admin-
istrative remedy leads to the adoption of a new decision substituting the former one”.
175
As reported by some of its members, the ABoR has therefore mainly dealt with issues such
concerning (on the subject matter) the determination of the ‘significance’ of a supervised entity;
corporate governance; the outcome of the Supervisory Review & Evaluation Process (SREP); fit
and proper assessment of members of the management body; and withdrawals of the authorization,
cf. also Brescia Morra et al. (2017), pp. 581–582.
176
See below Sect. 6.3.3.
Antoniazzi S (2014a) L’Unione bancaria europea: i nuovi compiti della BCE di vigilanza pruden-
ziale degli enti creditizi e il meccanismo unico di risoluzione delle crisi bancarie (parte I). Riv
It Dir Publ Com fasc 2: 359
Antoniazzi S (2014b) L’Unione bancaria europea: i nuovi compiti della BCE di vigilanza pruden-
ziale degli enti creditizi e il meccanismo unico di risoluzione delle crisi bancarie (parte II). Riv
It Dir Publ Com fasc 3–4:717
Antonucci A (2004) La vigilanza bancaria nell'Unione europea fra cooperazione e “Metodo
Lamfalussy”, Studi in onore di Piero Schlesinger, Giuffrè, Milano, tomo V, 3185
Barbagallo C (2014) Il rapporto tra BCE e autorità nazionali nell’esercizio della vigilanza,
Convegno Unione Bancaria: istituti, poteri ed impatti economici. Università Luiss Guido Carli,
Roma, 26 febbraio 2014
Boccuzzi G (2016) The European Banking Union. Supervision and resolution. Palgrave MacMillan,
Basingstoke
Bonelli E (2006) La gestione finanziaria comunitaria tra crisi e rilancio del processo di integrazione
europea. Riv it dir pubbl comunit 02:301–344
Bradley C (2016) Financial stability, financial services, and the single market. Fordham Int Law
J 39(5):1245–1272
Brescia Morra C (2016) The administrative and judicial review of decisions of the ECB in the
supervisory field. In: AA.VV., Scritti sull’Unione Bancaria. Quad. Ricerca Giuridica, Banca
d’Italia, 81:109
Brescia Morra C, Smits R, Magliari A (2017) The administrative board of review of the European
Central Bank: experience after 2 years. Eur Bus Org Law Rev 18:567–589
Cassese S (2003) La prevalenza del diritto comunitario sul diritto nazionale in materia di concor-
renza. Giorn dir amm. p 1129
Castañeda J, Mayes D, Wood G (eds) (2016) European Banking Union: prospects and challenges.
Routledge, London
D’Ambrosio R (2013) Due process and safeguards of the persons subject to SSM supervisory and
sanctioning proceedings. Quad Ricerca Giuridica, Banca d’Italia, 74, dicembre 2013
D’Ambrosio R (2015) The ECB and NCA liability within the Single Supervisory Mechanism.
Quad. Ricerca Giuridica, Banca d’Italia, 74, January 2015
De Larosière J (chaired by) (2009) Report: The High-Level Group on Financial Supervision in the
EU, Brussels, 25 February 2009. http://ec.europa.eu/internal_market/finances/docs/de_laro-
siere_report_en.pdf. Accessed 16 July 2018
Dinov S (2016) Proposals of the European Commission after the financial and debt crisis. Eur Bus
Law Rev 27(1):159–176
Dumitrescu AD (2017) Banking union: doctrinal considerations on the legal nature of the ECB’s
close co-operation with non-euro area Member States. J Int Bank Law Regul 32(1):1
ECB (2017) Annual Report on supervisory activities 2016, March 2017. https://www.bankingsu-
pervision.europa.eu/press/publications/annual-report/pdf/ssm.ar2016.en.pdf?a679777c56323e
d778fc4734ee3667fb. Accessed 16 July 2018
pervision.europa.eu/press/publications/annual-report/pdf/ssm.ar2017.en.pdf?63a120afab30be
18171c083089709229. Accessed 16 July 2018
ECB Monthly Bulletin (2003) The integration of Europe’s financial markets, October 2003.
https://www.ecb.europa.eu/pub/pdf/other/pp53_66_mb200310en.pdf?c784fb2e8feac1e7
b1a9823867979094. Accessed 16 July 2018
ECB-SSM Quarterly Report (2014) Progress in the operational implementation of the Single
Supervisory Mechanism Regulation n. 4/2014, November 3, 2014. https://www.bankingsuper-
vision.europa.eu/ecb/pub/pdf/ssmqr20144.en.pdf. Accessed 16 July 2018
Eijffinger S, Masciandaro A (eds) (2013) Handbook of Central Banking, Financial regulation and
supervision. After the financial crisis. Edward Elgar, Cheltenham
References 145
Epstein RA, Rhodes M (2016) States ceding control: Explaining the shift to centralized bank
supervision in the Eurozone. J Bank Regul 17:90–103
Ferran E (2012) Crisis-driven regulatory reform: where in the world is the EU going? In: Ferran E,
Moloney N, Hill JG, Coffee JC Jr (eds) The regulatory aftermath of the global financial crisis.
Cambridge University Press, New York, p 1
Garner BA (ed in Chief) (2014) Black’s law dictionary, 10th edn. Thomson Reuters, St. Paul
Gil Ibáňez A (1999) The administrative supervision and enforcement of EC law, powers, proce-
dures and limits. Hart, Oxford
Gortsos CV (2015a) Competence sharing between the ECB and the national competent super-
visory authorities within the Single Supervisory Mechanism (SSM). Eur Bus Org Law Rev
16:401–420
Gortsos CV (2015b) The Single Supervisory Mechanism (SSM) - legal aspects of the first pillar of
the European Banking Union. EPLO, Athens
Haentjens M, De Gioia-Carabellese P (2015) European banking and financial law. Routledge,
London, recently published in its 2nd edition (2018)
Hanten M, Heljula K (2015) The ECB as the new regulator: a lawyer’s perspective. Butterworths
J Int Bank Financ Law, April 2015
Hill JG, Moloney N (2012) The regulatory aftermath of the global financial crisis. Cambridge
University Press, Cambridge
Hinojosa L, Beneyto J (2015) European Banking Union. The New Regime. Wolters Kluwer, The
Netherlands
Hofmann HCH (2009) Composite decision-making procedures in EU administrative law. In:
Hofmann HCH, Türk A (eds) Legal challenges in EU administrative law. Towards an integrated
administration. Edward Elgar, Cheltenham, p 136
Kern A (2015) European Banking Union: a legal and institutional analysis of the Single Supervisory
Mechanism and the Single Resolution Mechanism. Eur Law Rev 40:154
Lackhoff K (2013) Which credit institutions will be supervised by the Single Supervisory
Mechanism? J Int Bank Law Regul 28:454
Lackhoff K (2017) Single Supervisory Mechanism: a practitioner’s guide. Hart, Oxford
Lamandini M (2015) Limitations on supervisory powers based upon fundamental rights and SSM
distribution of enforcement competences. In: ECB Legal Conference 2015. From Monetary
Union to Banking Union, on the way to Capital Markets Union. New opportunities for European
integration, 1-2 September 2015, p 121. https://publications.europa.eu/en/publication-detail/-/
publication/5b46b780-3703-11e7-a08e-01aa75ed71a1/language-en. Accessed 16 July 2018
Lamandini M, Ramos Muñoz D, Solana Alvarez J (2015) Depicting the limits to the SSM’s super-
visory powers: the role of constitutional mandates and of fundamental rights’s protection, in
Quad. Ricerca Giuridica, Banca d’Italia, p 79
Lamfalussy A (chaired by) (2001) Final Report of the Committee of Wise Men on the Regulation
of European Securities Markets, Brussels, 15 February 2001. http://ec.europa.eu/internal_mar-
ket/securities/docs/lamfalussy/wisemen/final-report-wise-men_en.pdf. Accessed 16 July 2018
Lasagni G (2019) Investigatory, supervisory and sanctioning powers within the SSM. In: Allegrezza
S (ed) The enforcement dimension of the single supervisory mechanism (SSM). The interplay
between administrative and criminal law. CEDAM, Milano
Lasagni G, Rodopoulos I (2019) Comparative study. In: Allegrezza S (ed) The enforcement dimen-
sion of the single supervisory mechanism (SSM). The interplay between administrative and
criminal law. CEDAM, Milano
Lo Schiavo G (2014) The development of a new bank resolution regime in Europe: fit for purpose?
J Int Bank Law Regul 29(11):689–704
Lo Schiavo G (ed) (2019) The European banking union and the rule of law. Edward Elgar,
Cheltenham
Looseveld S (2013a) Appeals against decisions of the European supervisory authorities. J Int Bank
Law Regul 1:9–13
Looseveld S (2013b) The ECB’s investigatory and sanctioning powers under the future Single
Supervisory Mechanism. J Int Bank Law Regul 1:422–425
Magliari A (2015) Il Single Supervisory Mechanism e l’applicazione dei diritti nazionali da parte
della banca centrale europea. Riv Ital Dir Pubbl Comunitario, Anno XXV Fasc. 5:1349–1379
Magliari A (2017) Administrative remedies in European financial governance. Comparing differ-
ent models. In: Marchetti B (ed) Administrative remedies in the European Union. The emer-
gence of a Quasi-Judicial administration. Giappichelli, Torino
Marchetti B (2014) Le garanzie procedurali e processuali delle imprese nella rete europea della
concorrenza. Riv della regolazione dei mercati 1:32
Marchetti B (2017) Administrative justice beyond the courts: internal reviews in EU administra-
tion. In: Marchetti B (ed) Administrative remedies in the European Union. The emergence of a
Quasi-Judicial administration. Giappichelli, Torino, p 6 et seq
Mayes D (2014) Bank structure and resolution. Butterworths J Int Bank Financ Law 11:743
Moloney N (2012a) The legal effects of the financial crisis on regulatory design in the EU. In:
Ferran E, Moloney N, Hill JG, Coffee JC Jr (eds) The regulatory aftermath of the global finan-
cial crisis. Cambridge University Press, New York, p 1
Moloney N (2012b) Supervision in the wake of the financial crisis: achieving effective “Law in
Action” – a challenge for the EU. In: Wymeersch E, Hopt KJ, Ferrarini G (eds) Financial regu-
lation and supervision. A post-crisis analysis. Oxford University Press, Oxford
Nieto M (2015) Banking on single supervision in the Eurozone: scepticism and a reform proposal.
Eur Bus Org Law Rev 16:539–546
Parona L (2017) The appeal system within the U.S. federal agencies. In: Marchetti B (ed)
Administrative remedies in the European Union. The emergence of a Quasi-Judicial adminis-
tration. Giappichelli, Torino, p 267 et seq
Randell C (2013) Group resolution under the EU resolution directive. In: Kenadian PS, Dombret
AR (eds) The bank recovery and resolution directive: Europe’s solution for “Too Big Too
Fail”?, De Gruyter-ILFS, Berlin, pp 39–67
Sciascia G (2015) Administrative review mechanisms within the ECB. Ital J Public Law 2:381
Senkovic P (2015) Introduction to Panel 3, The Coexistence of National and EU Law and The
Ne Bis In Idem Principle with a Focus on the Supervisory Powers of The European Central
Bank. In: ECB Legal Conference 2015. From Monetary Union to Banking Union, on the way
to Capital Markets Union. New opportunities for European integration, 1-2 September 2015,
p 100. https://publications.europa.eu/en/publication-detail/-/publication/5b46b780-3703-
11e7-a08e-01aa75ed71a1/language-en. Accessed 16 July 2018
Ter Kuile G, Wissink L, Bovenschen W (2015) Tailor-made accountability within the single super-
visory mechanism. Common Mark Law Rev 52:155–190
Türk A (2009) Judicial review of integrated administration in the EU. In: Hofmann HCH, Türk A
(eds) Legal challenges in EU administrative law. Towards an integrated administration, Edward
Elgar, Cheltenham, p 218
Voordeckers O (2019) Administrative and judicial review of supervisory acts and decisions under
the SSM. In: Allegrezza S (ed) The enforcement dimension of the single supervisory mecha-
nism (SSM). The interplay between administrative and criminal law. CEDAM, Milano
Witte A (2014) The application of national banking supervision law by the ECB: three parallel
modes of executing EU law? Maastricht J 21(1):109
Witte A (2015) Standing and judicial review in the New EU financial markets architecture. J Financ
Regul 1:226–262
Wolfers B, Voland T (2014) Level the playing field: the new supervision of credit institutions by
the European Central Bank. Common Mark Law Rev 51:1463–1496
Chapter 5
The US Regulatory Framework of Banking
Supervision
To provide the basis to carry out the comparative analysis between the banking
regulators in the EU and in the US in light of the Basel Core Principles which have
a relevance also under a criminal law perspective, this Chapter delineates the main
traits of the US banking supervisory system after the last financial crisis (Sect. 5.1),
indicating relevant competent authorities, as well as their investigative and sanction-
ing powers (Sects. 5.2 and 5.3). In Sect. 5.4, a special focus is put on the changes
produced in this field by the Dodd-Frank Act, the reform intervened in 2010 as a
response to the distortions that brought to the crisis.1
5.1 C
ollapse of a System: Deregulation and Financial Crisis
in a Complex Supervisory Framework
In the last few decades, also the model of banking supervision in the United States
changed quite drastically, even if mostly with goals quite opposite to the strengthen-
ing and increasing pursued in the EU with the Banking Union.
Indeed, since the early 1980s, the US banking system headed for a progressive
and increasing deregulation, which has not found significant obstacles until the
burst of the last financial crisis (and, as it will be further illustrated, not really even
after that).
In particular, as already mentioned, for a long time the main legislative text regu-
lating banking supervision was represented by the Glass-Steagall Act, which pro-
vided for a clear separation of the activities that may be exercised by financial
U.S. Senate Permanent Subcommittee on Investigations (2010a, b).

1

https://doi.org/10.1007/978-3-030-12161-7_5
148 5 The US Regulatory Framework of Banking Supervision
institutions, and prohibited banks from engaging in proprietary trading or in the

securities market.2
In the 1980s, under the Reagan administration, a Secretariat of Treasury ruled
from 1981 to 1985 by the former Chairman and CEO of Merrill Lynch, and the
Federal Reserve chaired from 1987 to 2006 by Alan Greenspan, involved at the
beginning of his career in the notorious Keating Five corruption case,3 the govern-
ment opted for a series of deregulating measures which materially weakened the
public control over private companies.
That was the context in which, in 1998, two of the main global financial institu-
tions, Citicorp and Travelers Group, merged together, giving birth to the colossus
Citigroup. In the following year, the operation, that was not allowed under the then
applicable legal framework, was legitimized with the repeal of the statute by the
Gramm-Leach-Bliley Act. According to it banks, investment banks, securities firms,
and insurance companies were allowed to cooperate and trade together, and invest-
ment banks’ holding companies were exempted from direct federal regulation.
The deregulation trend did not change under the Clinton administration, which
in 2000 enacted the Commodity Futures Modernization Act (CFMA), authorizing
banks to trade in financial products like swaps—which too, with the same law, were
barred from federal regulation.4 In 2002, under the first Bush administration, the
Treasury Department allowed banks to hold less capital in reserve when trading
securitized mortgages with high investment grade in credit ratings.5 As happened
with the Citigroup case, such a legal framework led to the growth and the reinforce-
ment of a number of “Too-Big-Too-Fail” financial institutions, whose most notori-
ous US representatives include (besides for Citigroup) Bank of America, Goldman
Sachs, JP Morgan Chase, Morgan Stanley, Wells Fargo, and, until 2008, Bearn
Sterns and Lehmann Brothers.
2
Cf. Sect. 2.1.
3
“In 1984, Mr. Keating, then a 61-year-old Phoenix real estate millionaire, bought Lincoln Savings
& Loan, of Irvine, Calif., for $51 million, double its net worth. Lincoln, with 26 branches, made
small profits on home loans, but under new state and federal rules it could make riskier investments
[…] The Federal Home Loan Bank Board, fearing wide collapses in a shaky industry, finally
imposed a 10% limit on risky S.&L. investments. By 1987, its investigators found that Lincoln had
$135 million in unreported losses and was more than $600 million over the risky-investment ceil-
ing. Soon, the F.B.I., the Securities and Exchange Commission and other agencies were homing in.
Mr. Keating hired Alan Greenspan, soon to be chairman of the Federal Reserve, who compiled a
report saying Lincoln’s depositors faced “no foreseeable risk” and praising a “seasoned and
expert” management. Mr. Keating soon called on five senators who had been recipients of his
campaign largess […] to pressure the bank board to relax its rules and kill its investigation […]
Bond buyers were not told the condition of American Continental, or that its bonds were unin-
sured, prosecutors said […] American Continental went bankrupt in 1989, and an insolvent Lincoln
was seized by the government. Some 23,000 customers were left holding $250 million in worthless
bonds, the life savings of many, and taxpayers paid $3.4 billion to cover Lincoln’s losses. It was
the largest of 1043 S.&L. failures from 1986 to 1995 […] The government sued Mr. Keating for
$1.1 billion, but he said he was broke”, cf. Mc Fadden (2014).
4
Enacted as a title of the Consolidated Appropriations Act of 2001, P.L. 106–554.
5
See, e.g., Department of Treasury (2001).
5.1 Collapse of a System: Deregulation and Financial Crisis in a Complex Supervisory… 149
The impact of those policy choices needs to be assessed also taking into account
the development, in the same years, of the derivative financial products,6 the market
of which was de facto not regulated by any federal agency, notwithstanding the
Commodity Futures Trading Commission’s concerns and proposal in that sense.7
Federal supervisory agencies also played their role in the deregulation process.
For instance, in 2004 the Securities and Exchange Commission weakened the
capital requirements for large broker-dealers8; the Federal Reserve, on the other
hand, notwithstanding its competence in supervising the mortgage loans market, did
not adopt the regulations that would have allowed the agency to enforce its own
powers until July 2008.9
In 2010, facing the dramatic consequences of the crisis, the Obama administra-
tion tried to bring part of banking activities back under a stricter and more efficient
public oversight, restricting securities trading through the Dodd Frank Act, and in
particularly the “Volcker Rule”,10 removing the CFMA prohibition for all federal
6
“A financial instrument whose value depends on or is derived from the performance of a second-
ary source such as an underlying bond, currency, or commodity” cf. Garner (2014), p. 538.
7
“The CFTC’s last major regulatory actions involving OTC derivatives […] were regulatory
exemptions from most provisions of the Commodity Exchange Act for certain swaps and hybrid
instruments. Since that time, the OTC derivatives market has experienced significant changes-
dramatic growth in both volume and variety of products offered, participation of many new end-
users of varying degrees of sophistication, standardization of some products, and proposals for
central execution or clearing operations. While OTC derivatives serve important economic func-
tions, these products, like any complex financial instrument, can present significant risks if mis-
used or misunderstood. A number of large, well-publicized financial losses over the last few years
have focused the attention of the financial services industry, its regulators, derivatives end-users
and the general public on potential problems and abuses in the OTC derivatives market. Many of
these losses have come to light since the CFTC’s last major OTC derivatives regulatory actions in
1993”, CFTC (1998).
8
SEC (2004), 17 C.F.R. Parts 200 and 240. When the same agency tried to strengthen again the
controls over hedge funds, that was impeded by a Federal Court of Appeal, see Goldstein v. SEC,
451 F.3d 873 (D.C. Cir. 2006).
9
Regulation Z (Truth in Lending) was adopted under the 1994 Home Ownership and Equity
Protection Act, Title I, Subtitle B of the Riegle Community Development and Regulatory
Improvement Act of 1994, P.L. 103–325 §§ 151–158 (1994), codified in 12 CFR 226.32, cf. https://
www.federalreserve.gov/newsevents/press/bcreg/20080714a.htm. Accessed 20 July 2018.
The delay of the adoption was in line with the view of the Fed. Chairman, Mr. Greenspan, who
in the years before the burst of the crisis, affirmed several times that “It is, of course, possible for
home prices to fall as they did in a couple of quarters in 1990. But any analogy to stock market
pricing behaviour and bubbles is a rather large stretch. […] Thus, any bubbles that might emerge
would tend to be local, not national, in scope […] A sharp decline, the consequences of a bursting
bubble, however, seems most unlikely […] the five-year old home building and mortgage finance
boom is less likely to be defused by declining home prices than by rising mortgage interest rates”,
cf. Greenspan (2003); and also “In recent years, banks and thrifts have been experiencing low
delinquency rates on home mortgage and credit card debt, a situation suggesting that the vast
majority of households are managing their debt well […] Some homeowners drawn by large capi-
tal gains do sell and rent. And certainly in recent years some homebuyers fearful of losing a pur-
chase have bid through sellers’ offering prices. But these market participants have probably
contributed only modestly to overall house price speculation” cf. Greenspan (2004).
10
Section 619 of the Dodd-Frank Act. See above, Sect. 2.1. Cf. Bradley (2014), p. 294, comparing
it to the Liikanen report.
supervisors to regulate or ask financial institutions for the registration (and subse-
quent disclosure) of any type of swap,11 and partially modifying the wide panorama
of financial regulators.
This being the background in which banking supervision is carried out in the US,
it is necessary also to consider that a main feature of this oversight system is given
by a plurality of regulators and regulations, both at state and at federal level, which
(should) constantly interaction with each other.12
Financial institutions are then assigned to the supervision of a specific regulator
taking into account the type of activities they exercised; and which (State or federal)
authority, commonly referred to as a “Charter”,13 granted them the permission to
commence business. At federal level, nowadays US regulatory agencies include:
The Federal Reserve (Fed. Res.), the Office of the Comptroller of the Currency
(OCC), the Federal Deposit Insurance Corporation (FDIC), the Securities Exchange
Commission (SEC), the Bureau of Consumer Financial Protection (BCFP), and,
until 2010, the Office of Thrift Supervision (OTS).
In general terms, all banks are supervised either by the Federal Reserve or by the
Federal Deposit Insurance Corporation. In addition to the Fed. Res./FDIC over-
sight, State banks are also supervised by their chartering State, while national banks
are regulated by the OCC.14
Normally, federal supervisory tasks are organized around a set of shared param-
eters, which is used by all bank regulators to rate the safety and soundness of finan-
cial institutions, since its introduction in 1979 by the Federal Financial Institutions
Examination Council (FFIEC). The Uniform Financial Institutions Rating System
(UFIRS), which has been periodically revised, concerns in particular the areas of:
Capital adequacy, Asset quality, Management, Earnings, Liquidity, and Sensitivity
to market risk (from which the acronym CAMELS under which the system is also
commonly known). CAMELS examinations produce ratings on a scale of 1 to 5, in
which 1 represents no cause for supervisory concern, 3 signifies an institution with
supervisory concerns in one or more areas, and 5 shows an unsafe and unsound
bank with severe supervisory concerns. In assessing potential violations committed
by their controlled entities, supervisory agencies are granted a high degree of dis-
cretion, and can generally enjoy an extensive range of investigative sanctioning
powers, as detailed in the regulations of each agency.15
11
Title VII of the Dodd-Frank Act.
12
On the peculiar complex and sectorial nature of the US regulatory system, see Agarwal et al.
(2014), p. 4 ff; Weber et al. (2014), p. 181; Wymeersch (2007), p. 53.
13
Banks that are chartered by a State government are referred to as “State banks”; those which are
chartered at federal level, by the Department of the Treasury (through the Office of the Comptroller
of the Currency), are referred to as “national banks”.
14
Cf. Fed. Res. (2005), p. 5. Supervision and Regulation, p. 60.
15
Cf. Agarwal et al. (2014), p. 4 ff.
5.2 The Federal Reserve 151
5.2 The Federal Reserve
The Federal Reserve (Fed. Res.) is the agency competent for the supervision over
the safety and soundness of State-chartered banks that are part of the Fed. Res.
System (“State-chartered member banks”), national banks, all Bank Holding
Companies (BHC), and US branches and agencies of foreign banks.
With regard to State-chartered member banks and foreign banks’ branches, the
Federal Reserve also operates as a supervisor for the financial institutions’ compli-
ance with the AML Program prescribed by the Bank Secrecy Act, especially as
modified after the 2001 USA PATRIOT ACT.16 Indeed, even if theoretically the
Department of the Treasury maintains primary responsibility for issuing and enforc-
ing regulations to implement the AML/CFT statutes, in practice most of supervisory
responsibility has been delegated to the federal financial regulatory agencies.
Moreover, the Fed. Res., in coordination with the Securities Exchange
Commission and the State insurance authorities, also serves as an “umbrella super-
visor” for BHCs subsidiary broker-dealer or insurance activities. That is to say that
in all cases in which banks trade in securities and own subsidiary broker-dealer or
insurance companies, the agency is responsible for the review and the assessment
over the consolidated structure of the holding company, while the exercise of the
single activities by controlled companies falls under the supervision of the other
specialized regulators.17
Lastly, while the Federal Reserve shares its supervisory tasks with other agen-
cies, it also represents the single US authority responsible for the issuing and the
retirement of notes, thus combining—like the ECB—typical supervisory powers
with the monetary functions of traditional central banks.18
The Board of Governors and its Chair represent the ruling bodies of this agency,
and are both appointed by the President of the United States.19 The Board is com-
posed of seven members that have to be confirmed by the Senate for a non-renewable
mandate of 14 years, during which they cannot be removed for the opinions
expressed within their functions.20
16
Federal Crime of Money Laundering and Federal Crime of Operating an Unlicensed or
Unregistered Money Transmitting Business-Title 18, U.S.C., Crimes and Criminal Procedure, Part
I, Chapter 95, as modified by the Uniting and Strengthening America by Providing Appropriate
Tools Required to Intercept and Obstruct Terrorism Act of 2001, better known as “USA PATRIOT
Act”, P. L. 107–56, Oct. 26, 2001. See also Fed. Res. (2005), p. 66; Board of Federal Reserve
System et al. (2010).
17
Fed. Res. (2005), p. 65.
18
Fed. Res. (2005), p. 11. Powers of Board of Governors of the Federal Reserve System, Issue and
retirement of Federal Reserve notes (d): “To supervise and regulate through the Secretary of the
Treasury the issue and retirement of Federal reserve notes”, Federal Reserve Act of 1913, P.L.
63-43, codified at: 12 U.S.C. Ch. 3, as modified by the 1933 Banking Act, cit., and by the Banking
Act of 1935, P.L. 74–305.
19
Cf. Banking Act of 1935, Title II, Sec. 201.
20
While if a Governor was appointed to complete the balance of an unexpired term, she may be
reappointed to a full 14-year term, cf. the Banking Act of 1935, Title II, Sec. 203.
Among the members of the Board, the Chair and her deputy serve term of 4
years, which may be prolonged until their term as Governors has expired, with the
Senate confirmation. The Chair is the public spokesperson of the Board and its rep-
resentative; she also has to report twice a year to the Congress on the Fed. Res.
policy, and, on demand, to the Treasury Secretariat.21
The Fed. Res. is mainly financed by public funding, and in particular from the
interest on US government securities acquired through open market operations, as
well as from the interest of the Federal Reserve System’s investments on foreign
currency. Net of its expenses, the rest of the Fed. Res. earnings is turned over to the
US Treasury.22
The agency has a broad range of investigative powers.
As all regulators, the Fed. Board is entitled to examine accounts, books and
affairs of the overseen institutions at its discretion, as well as to organize off-site
surveillance and monitoring. The Fed. Res. possesses also the prerogative to issue a
subpoena in order to force a bank to conform to its requests.23 The Board may also
examine any other depository institution and any affiliates in connection with any
institution under its jurisdiction. In case of major banks, the examination results of
on-site inspections and examinations have to be presented at least each year, while
for the smaller banks the deadline is every eighteen months.24 According to the Fed.
Res. Act, once a proceeding is established, the hearings are generally public, and so
it is all the used evidentiary material.
Coming to the sanctioning powers, if the results of a Federal Reserve’s examina-
tion reveal critical situations or breaches of applicable regulations, the Board may
apply a range of informal and formal corrective measures to make the bank comply
with the given recommendations, including cease and desist orders, written agree-
ments, suspensions, non-bank activity termination, civil money penalties and crimi-
nal fines.25
If the measures imposed by the Board are not accomplished, the latter may apply
to a US District Court in order to have them enforced; a similar prerogative is con-
ferred also to the affected institution, which may appeal against the measures before
a Federal Court of Appeal.26
21
Federal Reserve Act, Sec. 10–11.
22
Fed. Res. (2005), p. 1. Overview of the Federal Reserve System, p. 11.
23
See 12 U.S.C. 1818 (n), and Section 2110.0.2.8.3 “Subpoena Power”, Board of Governor of Fed.
Res., Board of Governor of Federal Reserve (2017).
24
Federal Reserve Act, Section 11. Powers of Board of Governors of the Federal Reserve System.
25
See Section 2110.01, Board of Governor of Federal Reserve (2017); see also Board of Governor
of Federal Reserve (2018), Section 5040.
26
Cf. Section 2110.0.2.6 “Violations of Final Orders and Written Agreements”, and Section
2110.0.2.1 “Cease and Desist Orders”, Board of Governor of Federal Reserve (2017).
5.3 Other US Regulatory Agencies (FDIC, OCC, SEC) 153
5.3 Other US Regulatory Agencies (FDIC, OCC, SEC)
As initially mentioned, the Federal Reserve is not the only banking supervisor in the
US federal system, as it shares overseeing powers with other agencies, giving origin
to a complex network in which cooperation does not always work as smoothly as it
should.27
The other main US federal banking regulators are represented by the Federal
Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the
Currency (OCC).
Established by the 1933 Banking Act, and then reformed in 1935, the FDIC is the
federal agency that insures the deposits of State-chartered banks which are not part
of the Fed. Res. System, in order to guarantee both the safety and soundness of the
market and the protection of consumers. In particular, the FDIC examines compli-
ance of banks with consumer protection laws,28 and the Community Reinvestment
Act (CRA) which requires banks to help meet the credit needs of the communities
they were chartered to serve.29
The Corporation is also the back-up supervisor for the remaining insured banks
and thrift (or savings) institutions, up to certain limits fixed by the law.30 In this
sense, the agency has the authority to determine the conditions for insurance pur-
poses to be applied on insured banks and saving associations.
The FDIC is led by a Board of Directors, composed of five members, all of
whom are appointed by the President of the United States, and confirmed by the
Senate for a mandate lasting 6 years. Among the Directors, no more than three may
belong to the same political party; one shall be the Comptroller of the Currency, and
another the Director of the newly-established Consumer Financial Protection
Bureau.31 The Chair of the Board is appointed by the President, with the Senate’s
confirmation, for a term of 5 years.
FDIC possess investigative powers comparable to the Fed. Res.’ and has the
discretion to apply sanctions to its controlled entities in case of violations of the
requested parameters.32 For institutions with assets starting from $10 billion, in
addition to the CAMELS standards the FDIC is also providing a further rating eval-
uation of quarterly risk, using a scale of A to E, with A being the best rating and E
the worst.33
27
Analysing efficiency in cooperation networks, Sects. 6.1.2 (US), and 6.1.3 (Eurozone).
28
Such as the Fair Credit Billing Act, the Fair Credit Reporting Act, the Truth-In-Lending Act, and
the Fair Debt Collection Practices Act.
29
The CRA Regulation has been codified in the US Code, title 12 Chapter 30.
30
“The FDIC directly examines and supervises about 4,000 banks and savings banks for opera-
tional safety and soundness, more than half of the institutions in the banking system”, cf. FDIC
(2017b, 2018a).
31
Cf. Banking Act of 1935, Title II, Sec. 12B.
32
Sec. 8(i), Federal Deposit Insurance Act of 1950, P.L. 81-797, 64 Stat. 873.
33
Under the Large Insured Depository Institutions (LIDI) Program, cf. FDIC (2018b).
The Corporation’s funding is partially public, since it receives both earnings

from investments in the US Treasury securities, and premiums from the banks and
thrift institutions under its oversight. Contrary to the Fed. Res., the FDIC decisions
may be appealed within 30 calendar days from the date of the determination only
before an internal Board of Review, called the Supervision Appeals Review
Committee.34
The Office of the Comptroller of the Currency, on the other side, has the task to
charter, regulate and supervise national banks and federal savings associations,
making sure that they are operating in safety and soundness.
Within its jurisdiction, the OCC is also entitled to oversee the implementation of
the BSA requirements, with the prerogative of instructing a bank to file a Suspicious
Activity Report (SAR) in case of unreported suspected criminal violations.35
Similarly to the other federal agencies, it is the President of the United States, with
the confirmation of the Senate, that appoints the Comptroller of the Currency, for a
5-year term. The OCC is an independent bureau of the US Department of Treasury,
but it does not receive federal grant from the Congress; on the contrary, its funding
derives entirely from fees paid by the financial institutions under its control.
The Office possesses incisive investigative powers: the agency can examine all of
the affairs of the institutions in its jurisdiction, and interview their officers and
agents under oath. If the information requested are denied, the OCC may forfeit all
the rights, privileges, and franchises of the bank, as well as impose a penalty of no
more than $5000 for each day that such refusal shall continue.36
In performing its tasks, the OCC examination model is organized with a flexible
and decentralized structure that, in case of large banks, provides for a full-time on-
going program, with periodically rotated personnel.37 Contrary to the Fed. Res. and
the FDIC, the Office’s administrative proceedings are not public; this secrecy, how-
ever, does not imply that the information obtained during the investigations cannot
be shared with other authorities. Indeed, especially if it may be relevant to criminal
investigations, there are basically no legal constraints to disseminate information
towards any interested agency.38
Lastly, the Comptroller has the power to impose corrective measures, including
civil money penalties, if supervised entities are not complying with the require-
ments established in its statute. These sanctions may be appealed, within 30 calen-
dar days, only before the OCC Ombudsman, a body which is formally acting
34
Sections B and G, FDIC (2017a).
35
OCC (2018a), p. 51 et seq.
36
In accordance with Sections 2 and 21.1-2 “Banking examination”, Federal Reserve Act (U.S.C.,
title 12, and Secs. 141, 222–225, 281–286, and 502); OCC (2008); Office of the Comptroller of the
Currency et al (2001).
37
OCC (2018b).
38
See, e.g., OCC (1993), p. 1 et seq., stating that examination materials “may be sent to the direc-
tors of other entities that have a need for the information”.
5.3 Other US Regulatory Agencies (FDIC, OCC, SEC) 155
independently from the Office’s bank supervisory functions, but which reports
directly to the Comptroller of the Currency.39
Even though not directly related to banking supervision, it is important to take
into account the role played in financial supervision by the Securities Exchange
Commission (SEC), which operates with the purpose of protecting the investors and
the fairness of the market. Mentioning the Commission is relevant for a twofold
reason. First, the action of the SEC is extremely relevant in the US also in the bank-
ing market, taking into account the model of universal banking and the relevance
hold in the last financial crisis by the possibility for credit institutions to engage in
securities trading. Second, and above all for the purposes of this work, some orga-
nizational features of the SEC may represent a useful reference also for model of
banking supervision under the profile of independence and accountability, as it will
be further analysed.40
Established after the Great Depression of 1933–1934 to restore the investors’
confidence in the financial market,41 the SEC is governed by five Commissioners,
appointed by the President of the United States for a term of 5 years, among which
no more than three may belong to the same political party. In that number, the
President also designates the Chair of the Commission, who acts as Chief and rep-
resentative for the agency.
Contrary to all the agencies already described, the Commission and its Divisions
are funded exclusively by public money, granted with the authorization of the
Congress. Correspondingly to the ESMA, this agency has competence over all
broker-dealer and financial intermediation activities, upon which it can impose sev-
eral disclosure duties and regulations, enforcing several legislative Acts.42
The SEC has also the task to enforce brokers and dealers compliance with the
BSA requirements.43 In exercising both tasks, the SEC enjoys investigative powers
equal to those possessed by the Federal Reserve. Similar to the other supervisory
agencies, the SEC may impose sanctions, both through civil proceedings, with a
possibility to appeal before a US District Court, and through administrative pro-
ceedings, which may be reviewed before an internal administrative judge.44
39
OCC (2018a), p. 51 et seq.
40
Cf. Sect. 6.1.1.
41
Cf. Securities Act of 1933, as amended through P.L. 112-106, approved on April 5th 2012, and
Securities Exchange Act of 1934 (“Exchange Act”), as amended through P.L. 112-158, approved
on August 10th 2012, codified as 15 U.S.C. § 78d.
42
Such as the Securities Act of 1933, the Trust Indenture Act of 1939, the Investment Company Act
and the Investment Advisers Act of 1940, the Sarbanes-Oxley Act of 2002, and the Dodd-Frank
Act of 2010, cf. Sec.17(a) of the Exchange Act and Rule 17a-8.
43
SEC (2017), p. 9 et seq.
44
Cf. Section 19(c) of the Securities Act; Section 21(b) of the Exchange Act; Section 209(b) of the
Advisers Act, and Section 42(b) of the Investment Company Act.
5.4 T
he 2010 Dodd-Frank Act: Impact and Waves
of Counter-Reform
Following the 2010 reform, some changes have been made in the panorama of fed-
eral regulators, with the aim of strengthening the position of consumers within the
financial system and the control over high-risk and potentially criminal behaviours
perpetrated by financial institutions.
Firstly, the Dodd-Frank reform brought to the abolition of the Office for Thrift
Supervision, a bureau of the Department of Treasury entrusted for charting and
overseeing federal savings associations and corporations owing or controlling the
latter (Thrift Holding Companies). Established in 1989 as a response to the saving
and loan crisis, and governed by a presidentially-appointed Director, the OTS was
financed with a premium mechanism at the expense of its controlled entities.
Together with most of federal regulators, the Office was criticized during the last
financial crisis for its failure in carrying out its tasks, and preventing the deteriora-
tion of the financial market.45 Notably, however, in the following years the OTS was
the only agency to be actually shut down by the Dodd Frank Act, inasmuch as from
July 2011 its functions are exercised by the Office of the Comptroller of the
Currency.46
The 2010 reform also introduced two new supervising authorities at federal
level.
The Consumer Financial Protection Bureau’s (CFPB) goal is to ensure that con-
sumers get all the information needed for their financial decisions, especially as far
as prices and risks are concerned. To achieve so, under the lead of a presidentially-
appointed Director, the CFPB has been granted multiple competences, such as regu-
lating and supervising companies, enforcing federal consumer financial protection
laws, restricting unfair, deceptive, or abusive acts or practices, and promoting finan-
cial education among consumers.47
The Dodd-Frank Act also promoted the creation of the Financial Stability
Oversight Council (FSOC), a new body operational from 2011, and charged with
the task of identifying and responding to systematic emerging financial risks.48 The
Council put together most of the Chairs and Directors of the above-mentioned fed-
eral agencies, and an independent insurance expert, also appointed by the President;
it is chaired by the Secretary of the Treasury, for a total of ten voting and five
45
Cf. U.S. Senate Permanent Subcommittee on investigations (2011), Regulatory Failure: Case
Study of the Office of Thrift Supervision, p. 164. On the independence issue, cf. Sect. 6.1.1.
46
See Dodd-Frank Act, Title III.
47
Cf. CFBP (2017).
48
See Dodd-Frank Act, Title I, Subtitle A; FSOC (2011).
References 157
n on-voting members,49 and it is the first institution whose competence covers com-
prehensively the whole US federal financial system.50
In the aftermath of the financial crisis, the limited changes brought by the Dodd-
Frank Act raised several critics, as it did not touch very sensitive issues, such as the
concept of “universal banking” which allows banks in dealing with different busi-
ness other than the collection of deposits (such as securities trading).
To date, under the new US administration, the enforcement of even these limited
amendments appears uncertain, due to the approval of the so-called Financial
CHOICE Act before the Congress.51
The bill, explicitly aims at “eliminating red tape to increase access to capital and
credit, and repealing the provisions of the Dodd-Frank Act that make America less
prosperous, less stable, and less free, and for other purposes”.
Among its declared effects, can be counted bringing the CFPB under the control
of the US President, and the repeal of the Volcker Rule. And if it is true that some-
times history repeats itself, critical commentators may be right that the first approval
of the bill in the House of Representatives in mid-2017 resembles the beginning of
the last financial crises under “the George W. Bush administration, which went on
to bail out the financial sector. It will happen again without these protections”.52
References
Agarwal S, Lucca D, Seru A, Trebbi F (2014) Inconsistent regulators: evidence from banking. Q J
Econ Adv Access 129(2):889–938
Board of Governor of Federal Reserve (2017) Bank Holding Supervision Manual. https://www.
federalreserve.gov/publications/supervision_bhc.htm. Accessed 16 July 2018
Board of Governor of Federal Reserve (2018) Commercial Banks Examination Manual. https://
www.federalreserve.gov/publications/files/cbem.pdf. Accessed 16 July 2018
Board of Governors of the Federal Reserve System et al (2010) Interagency Statement, The 2010
Version of the Bank Secrecy Act/Anti-Money Laundering Examination Manual. https://www.
ffiec.gov/bsa_aml_infobase/documents/bsa_aml_man_2010.pdf. Accessed 16 July 2018
CFBP (2017) Consumer Response Annual Report January 1 – December 31, 2016. https://files.
consumerfinance.gov/f/documents/201703_cfpb_Consumer-Response-Annual-Report-2016.
PDF. Accessed 16 July 2018
CFTC (1998) Issues Concept Release Concerning Over-The-Counter Derivatives Market. https://
www.cftc.gov/sites/default/files/opa/press98/opa4142-98.htm. Accessed 16 July 2018
Department of Treasury (2001) Risk-Based Capital Guidelines; Capital Adequacy Guidelines;
Capital Maintenance: Capital Treatment of Recourse, Direct Credit Substitutes and Residual
49
The other regulators are: The Fed. Res., the OCC, the CFPB, the SEC, the FDIC, together with
the CFTC, the Federal Housing Finance Agency, and the National Credit Union Administration.
50
See FSOC (2015).
51
H.R. 10, Financial CHOICE (“Creating Hope and Optimism for Investors, Corporations, and
Entrepreneurs”) Act, of April 26th 2017.
52
Konczal (2017). Critical on the reform proposal also Wallison (2017).
Interests in Asset Securitizations; Final Rules, in Federal Register, Vol. 66, No. 230. https://
www.gpo.gov/fdsys/granule/FR-2001-11-29/01-29179. Accessed 16 July 2018
FDIC (2017a) Guidelines for Appeals of Material Supervisory Determinations. https://www.fdic.
gov/regulations/laws/sarc/sarcguidelines.html. Accessed 16 July 2018
FDIC (2017b) Who is the FDIC?, March 2017. https://www.fdic.gov/about/learn/symbol/index.
html. Accessed 16 July 2018
FDIC (2018a) Mission, vision, and values. January 2018. https://www.fdic.gov/about/strategic/
strategic/mission.html. Accessed 16 July 2018
FDIC (2018b) Large Insured Depository Institutions (LIDI) Program, last update January 2018.
https://www.fdic.gov/regulations/resources/largebankdim/large-bank.html. Accessed 16 July
2018
Fed. Res. (2005) The Federal Reserve System: Purposes and Functions, Library of Congress,
Washington D.C., IX Ed. https://www.federalreserve.gov/aboutthefed/files/pf_1.pdf. Accessed
16 July 2018
FSOC (2011) 2011 Annual Report, October 2012. https://www.treasury.gov/initiatives/fsoc/
Documents/2012%20Annual%20Report.pdf. Accessed 16 July 2018
FSOC (2015) 2015, Annual Report, May 2015. https://www.treasury.gov/initiatives/fsoc/studies-
reports/Documents/2015%20FSOC%20Annual%20Report.pdf. Accessed 16 July 2018
Garner BA (ed. in Chief) (2014) Black’s Law Dictionary, X edn. Thomson Reuters, St. Paul
Greenspan A (2003) Home Mortgage Market, Remarks by Chairman Alan Greenspan at the
Annual Convention of the Independent Community Bankers of America, Orlando, Florida,
March 4, 2003. https://www.federalreserve.gov/boarddocs/speeches/2003/20030304/default.
htm. Accessed 16 July 2018
Greenspan A (2004) The mortgage market and consumer debt, Remarks by Chairman Alan
Greenspan at America’s Community Bankers Annual Convention, Washington, D.C., October
19, 2004. https://www.federalreserve.gov/boarddocs/speeches/2004/20041019/default.htm.
Konczal M (2017) The G.O.P. Plan to Unleash Wall Street. NYT, June 9, 2017
Mc Fadden RD (2014) Charles Keating, 90, Key Figure in ’80s Savings and Loan Crisis, Dies.
NYT, April 2, 2014
OCC (1993) Interagency Examination Coordination Guidelines. Banking Bulletin, pp 93–38
OCC (2008) A Guide to the National Banking System, April 2008. https://www.occ.treas.gov/pub-
lications/publications-by-type/other-publications-reports/nbguide.pdf. Accessed 16 July 2018
OCC (2018a) Bank Supervision Process, Comptroller’s Handbook, June 2018. https://www.occ.
treas.gov/publications/publications-by-type/comptrollers-handbook/bank-supervision-pro-
cess/index-ch-bank-supervision-process.html. Accessed 16 July 2018
OCC (2018b) Large Bank Supervision, Comptroller’s Handbook, June 2018. https://www.occ.
gov/publications/publications-by-type/comptrollers-handbook/large-bank-supervision/pub-
ch-large-bank-supervision.pdf. Accessed 16 July 2018
Office of the Comptroller of the Currency et al (2001) Risk- Based Capital Guidelines; Capital
Adequacy Guidelines; Capital Maintenance: Capital Treatment of Recourse, Direct Credit
Substitutes and Residual Interests in Asset Securitizations- Final Rule. https://www.federal-
register.gov/documents/2001/11/29/01-29179/risk-based-capital-guidelines-capital-adequacy-
guidelines-capital-maintenance-capital-treatment-of. Accessed 16 July 2018
SEC (2004) Alternative Net Capital Requirements for Broker-Dealers That Are Part of Consolidated
Supervised Entities, RIN 3235-AI96, August 20, 2004
SEC (2017) Division of Enforcement, Enforcement Manual, Office of Chief Counsel. https://
www.sec.gov/divisions/enforce/enforcementmanual.pdf. Accessed 16 July 2018
U.S. Senate Permanent Subcommittee on Investigations (2010a) Wall Street and the Financial
Crisis: The Role of High Risk Home Loan, S.Hrg. 111-671, April 13, 2010. https://catalog.
princeton.edu/catalog/6432027. Accessed 16 July 2018
References 159
U.S. Senate Permanent Subcommittee on Investigations (2010b) Wall Street and the Financial
Crisis: Role of the Regulators, S.Hrg. 111-672, April 16, 2010. https://catalog.princeton.edu/
catalog/6432020. Accessed 16 July 2018
U.S. Senate Permanent Subcommittee on investigations (2011) Wall Street and the Financial
Crisis: Anatomy of a Financial Collapse, April 13, 2011. https://www.gpo.gov/fdsys/pkg/
CHRG-112shrg66051/html/CHRG-112shrg66051.htm. Accessed 16 July 2018
Wallison P (2017) Statement before the House Committee on Financial Service on the CHOICE
Act, April 26, 2107
Wymeersch E (2007) The structure of financial supervision in Europe. About single, twin peaks
and multiple financial supervisors. Eur Bus Organ Law Rev 8(2):237–306
Chapter 6
The Hybrid Nature of Banking Supervision
Independence and accountability, standards in information sharing, nature of super-

visory sanctions, compliance with fair trial rights: Several are the profiles relevant
under a criminal law perspective, that emerge as critical from the analysis carried
out so far on the US and, above all, on the EU banking supervisory systems.
In order to investigate over these aspects, the Chapter proceeds as follow.
In Sect. 6.1, the status and organization of the US and EU supervisory authorities
are analysed in light of the Basel Committee’s Core Principles, with special atten-
tion to the rules requiring independence and accountability, as well as effectiveness
in cooperation and exchange of information. While examining such issues is per se
relevant, given the high public interest in an efficient and fair administration of the
banking industry, these profiles result extremely meaningful also under a criminal
law perspective, since their violation may already undermine at the very bases the
possibility for banking supervisors to comply with fair trial guarantees.
This profile is especially critical in the EU, where specific considerations may be
drawn about the substantive nature of banking supervisory sanctions.
In Sect. 6.2, it is argued that a significant part of the penalties imposable by the
Single Supervisory Mechanism (SSM) within the European Central Bank shall be
recognized a punitive nature in light of the Engel case-law developed by the Court
in Strasbourg, as applied by the Court of Justice.
Following this assumption, Sect. 6.3 examines the fairness of the SSM sanction-
ing proceedings not only in light of the procedural rights already applicable to
administrative proceedings due to Article 41 CFREU, but also of the fair trial rights
required for la matière a coloration pénale by Article 6 ECHR and Article 4,
Protocol no. 7 to the Convention, as well as by their equivalents in the Charter of the
Fundamental Rights of the EU. Against this background, critical issues of non-
compliance of the SSM sanctioning procedures are identified, which pose serious
risks to undermine not only the fairness, but also the efficiency of this new European
enforcement model.

https://doi.org/10.1007/978-3-030-12161-7_6
162 6 The Hybrid Nature of Banking Supervision
6.1 B
anking Supervision and the BCBS Core Principles:
Defining Effective Supervisory Models?
Through the Core Principles for Effective Banking Supervision, the Basel Committee
pursues the safety and soundness of banks and of the banking system as such, both
directly, with the establishment of minimum prudential capital requirements, and
indirectly, with the strengthening of banking supervisory practices.1
To achieve so, the Principles tackle specific profiles of supervisory activities.
Before examining those more relevant to the present analysis, however, it is worth
recalling that these standards and recommendations do not provide clear indication
as to whether a certain supervisory model shall be considered preferable than oth-
ers. The Core Principles, in particular, remain silent with regard to a series of basic
structural choices, like as whether effectiveness is better guaranteed by a single
entity, or by multiple supervisory authorities; whether central banks should be
responsible for banking supervision (with subsequent concentration of monetary
and supervisory functions) or not; and whether it is advisable to have a consolidated
supervision of all financial services (such as banking, securities, and insurance).2
On one side, it is true that, to date, no empirical evidence has shown that these
profiles actually represent a main factor in determining the efficiency of the banking
industry3: These lacunas should not, therefore, be given an undue weight in deter-
mining the possibility to carry out meaningful comparative analyses on banking
supervisory models, and to achieve the very goal pursued by the Principles. It could
also be argued that defining an optimal level of controls in the banking and financial
field seems hard to be solved in abstracto by a single paradigm applicable to all
legal systems.4 Political, legal, economic and social contexts do matter, when it
comes to measure the effectiveness of regulatory models (but perhaps of any legal
order, including criminal justice systems).5
1
Cf. BCBS (2012), p. 4, at 16, that clearly indicates how the safety and soundness of banks repre-
sents the “primary objective for banking supervision”. For the role of the Committee and the con-
tent and structure of the Core Principles, see Sect. 3.5.
2
Profiles identified as basic organizational issues for banking supervisors by Barth et al. (2002).
Cf. however also Wymeersch (2007), p. 40 et seq., who notices that the very structure of the Core
Principles seems to meet the 3 pillars or institutional supervisory model.
3
Cf. Barth et al. (2002), p. 1; Goodhart (2000), p. 43; Masciandaro and Nieto (2014), p. 7 et seq.;
Onado (1997); Meister (2019).
4
Moloney (2012a), pp. 81 and 94, highlighting how not even the last financial crisis has made it
clear which supervisory models are correlated with strong financial markets; Jackson (2007);
Moloney (2012b), p. 138.
5
Moloney (2012a), p. 82 et seq., and Agarwal et al. (2014), referring also to the supervisory style
and approaches, including the extent to which supervisors outsource their job to self-regulation);
Black (2002), p. 22 et seq.; Black (2005), p. 101–108 et seq., and especially p. 117 et seq. in which
the author drafts a parallel between democratization of financial regulation and models of restor-
ative justice; Colliard (2014).
6.1 Banking Supervision and the BCBS Core Principles: Defining Effective… 163
Also the definition of the preferable regularoty governance model (principle, rule
or risk-based) still remains a matter for open debate.6
Banking regulation is indeed «a complex and multidimensional activity», in
which the failure of any single dimension may have important but sometimes not
easily predictable repercussions on the functioning of the whole system.7
Such basic structural choices moreover do touch sensitive public interests, which
appear especially interesting also under a criminal law perspective.
Concerning the first profile, having a single supervisory authority may seem
appropriate—among other reasons8—to prevent gaps in coordination, which inevi-
tably arise in case of multiple regulators (especially at the transnational level, where
having just a single contact point is more efficient)9; and to provide centralized and
consistent identifications of supervisory priorities, avoiding conflicts between regu-
latory goals—which are more likely to emerge if supervisory tasks are allocated to
different authorities.
A single supervisor may also be considered as more transparent and accountable,
since responsibility in policy choices (and changes in the latter) could be attributed
more clearly than in case of a plethora of supervisors. This option could allow for a
simpler and less fragmented regulatory framework, more capable to concentrate the
necessary organizational resources (e.g. personnel, training), and to avoid duplica-
tions in the proceedings. Lastly, the action of a single supervisor may better adapt to
the changes of the financial market, being a single institution characterized by more
flexibility than a complex network of authorities.10
On the other side, however, multiple regulators may appear preferable to avoid
excessive concentration of powers in the same entity11; and to prevent the growing
of supervisors into massive bureaucratic, and thus inefficient, apparatus.12
Competition among regulators may also serve as an incentive to be more responsive
to the innovation in the banking industry,13 and to favour a pluralistic and demo-
cratic raising of different, and potentially valuable approaches to supervision.14
Pro and cons may be found also as far as the role of central banks is concerned.
Assigning some supervisory tasks to a central bank, for instance, may allow for
an efficient collection of information, as these authorities already receive huge
amounts of supervisory relevant data for monetary policy purposes, and may be
6
On which see, for a detailed analysis, Black (2010); Black (2008); Moloney (2012a), p. 88 et seq.;
Castellano et al. (2012).
7
Black (2012), p. 1038; see also Sarkany (2012).
8
Analytically examining pro and cons in relation to safety and soundness of the banking systems,
and costs to supervisory authorities, and market participants, Barth et al. (2002), p. 6 et seq.
9
Cf. Llewellyn (1999), pp. xi–xix; Goodhart (2002); Abrams and Taylor (2001); Briault (1999);
Wall and Eisenbeis (2000).
10
Briault (1999), Llewellyn (1999) and Abrams and Taylor (2001).
11
Cf. Briault (1999); Llewellyn (1999); Kane (1996), p. 28; Taylor (1995).
12
Cf. Llewellyn (1999) and Abrams and Taylor (2001).
13
Kane (1984) and Romano (2001); Moloney (2012a), p. 98 et seq.
14
Cf. Llewellyn (1999).
well positioned to gather organizational resources—which might be especially

important for the timely management of banking crisis.15 Central banks, moreover,
are often supported by independence requirements, which guarantee a certain level
of safeguard to the parties involved in supervisory proceedings.16
On the other side, a timely flew of information does not necessarily require the
involvement of central banks, as long as effective information sharing agreements
are into place.17 Joining monetary policy and banking supervision may also exacer-
bate conflicts of interest18 and expose such authorities to both stronger political
pressure, that may hinder their independence, and higher reputational risks (since
failure in one of the two areas may have a direct impact also on the other).19
Finally, uncertainty remains also about the opportunity of establishing consoli-
dated models of financial supervision, to face the increasing “blurring of d istinctions
between different types of financial activities, the growing complexity and size of
financial services firms, and the increasing globalization of financial services”.20
Under this perspective, it is possible to distinguish among supervisory models based
on 3 separate pillars (banks, insurance and securities, the so-called institutional
model), on 2 pillars (a supervisor for banks and insurance, and another one for secu-
rities (functional or twin-peaks model), or on a single integrated supervisor.21 From
one side, a fragmented supervision may appear less effective to face global financial
conglomerates, while a consolidated supervision would be better placed to under-
15
In this sense, for instance, cf. Goodhart and Schoenmaker (1995) (as reported by Barth et al.
(2002), p. 12) which analyzed the data «for 104 bank failures in 24 countries during the 1980s and
find that there were fewer bank failures in countries in which banking supervision and monetary
policy were combined in the central bank»; cf. also Ioannidou (2002); Wymeersch (2007), p. 36 et
seq.; and Ferran (2012a), p. 114 et seq., highlighting how before the financial crisis, many EU
Member States located frontline responsibility for microprudential supervision of all sectors of
financial market activity with a single regulatory authority that operated autonomously from the
central bank (BE, DE, FI, DE, PL, SE, UK), others employed an integrated supervisor model in
which all functions were performed by the central bank (CZ, SK), others, finally, divided respon-
sibility between the central bank (banking supervision), securities market supervisory authority
and one or more other authorities responsible for insurance and pensions (EL, IT, PT, ES). In some
countries (such as FR, IE and UK), however, the financial crisis triggered in many counties a rear-
rangements and reappraisal of the role of central banks in financial supervision.
16
Cf. Giddy (1994) and Abrams and Taylor (2001); Goodhart (2000), p. 43, according to whom
central banks have better «better fund, more independent and hence more expert and more
reliable».
17
In this sense, for instance, cf. Goodhart and Schoenmaker (1995) (as reported by Barth et al.
(2002), p. 12) which analyzed the data “for 104 bank failures in 24 countries during the 1980s and
find that there were fewer bank failures in countries in which banking supervision and monetary
policy were combined in the central bank”; cf. also Ioannidou (2002).
18
Cf. Haubrich (1996); Briault (1999); Abrams and Taylor (2001); Goodhart and Schoenmaker
(1993, 1995); Antoniazzi (2013), pp. 156 and 159; Vella (2002), p. 163 et seq.
19
Cf. Briault (1999), Haubrich (1996) and Abrams and Taylor (2001).
20
Cf. Barth et al. (2002), p. 12.
21
Wymeersch (2007), p. 3 et seq.; Padoa Schioppa (2002); Moloney (2012b), p. 119; Goodhart
(2000), p. 11 et seq.; Weber et al. (2014), and p. 179 et seq.
stand market systemic risks, and to save costs in terms of information sharing and
internal resources.22 On the other side, however, consolidated supervision would
imply a very high concentration of powers, possibly not always justifiable in demo-
cratic societies. That might moreover originate relevant conflict of interests; a gen-
eral lower level of expertise to address specific financial sectors, and a higher risk of
adverse consequences in case of mismanagement.23
In lack of specific criteria established by the Core Principles, all these organiza-
tional choices remain in the discretion of national (or supranational, as in case of the
EU) legislators to be taken, which will have to take into account the specificities of
the single contexts to define their own optimal level of supervision. And indeed,
models of banking supervision adopted by EU Member States and in the US highly
vary from each other in their structural design.24 The following analysis of the EU
and US supervisory systems builds on this basis.
6.1.1 I ndependence and Accountability of Banking

Supervisors
According to the standards developed by the Basel Committee, independence and

accountability represent fundamental features for effective banking supervisors,
even if their practical coexistence may lead to tensions within the regulator. In this
sense, these principles have effectively been described as “communicating vessels”
which, although not ruling out each other, do “imply a delicate balance”.25 Both
parameters are established in Core Principle 2, which establishes that banking
supervisors shall not be subject of any interference from the government or the
industry—such an independence being provided by law, and publicly disclosed—
but, at the same time, shall be accountable for the discharge of their duties and use
of their resources.
Essential Criteria to Core Principle 2 further prescribe how such standards
should be guaranteed.26
First, within the applicable national legal framework, supervisors shall enjoy
discretion in setting their objectives, allocating resources, and taking any supervi-
sory actions on controlled entities; for which choices, adequately published, they
should be held responsible.
22
Abrams and Taylor (2000); Whalen (2001); Briault (1999); Llewellyn (1999); International
Monetary Fund (2001), pp. 36–38; Goodhart (2000), p. 24 ff.
23
Cf. Barth et al. (2002), p. 15; Whalen (2001); Goodhart (2000), p. 20 et seq.
24
For instance, ES, PT, IT, FR, EL, CY, LT and RO adopted an institutional model, NL, LU, SK
and BG adopted a twin-peaks model, and PL, UK, SE, DK, FI, DE, AT, BE, IE, CZ, EE, HR, LV
and MT opted for an integrated model, see Wymeersch (2007), p. 42 et seq. Cf. also Ferran (2012a),
p. 111 et seq.
25
Cf. Ter Kuile et al. (2015), p. 166.
26
Cf. BCBS (2012), Principle 2 - Essential Criteria 1,2,3,4,5,6,9.
Concerning the structure of the regulators, appointment and removal of the heads
of these authorities shall follow transparent rules established by law (and not
referred to the discretion of the appointing body); in particular, the governing body
of a supervisor shall be structured in a way that avoids “any real or perceived con-
flicts of interest”. To discourage bypassing, rules on how to avoid conflicts of inter-
est shall be supported by sanctions.27 A supervisory regulator should also be able to
rely on an independent budget, adequately financed “in a manner that does not
undermine its autonomy or operational independence”, taking into account opera-
tional needs such as travelling for on-site inspections, recruiting external experts
with specific professional skills, and providing regular training and necessary tools
to their personnel.
Finally, supervisors shall be supported by qualified “staff in sufficient numbers
and with skills commensurate with the risk profile and systemic importance of the
banks and banking groups supervised”, granted with adequate salary scales to
attract and retain it, and legally protected from lawsuits and costs caused by actions
and/or omissions made while discharging their duties in good faith.
Against this background, the paradigms of banking supervision applied in the
EU and in the US present substantial weaknesses, notably common to both systems,
which are relevant not only to assess their compliance with the Core Principles, but
also—under a criminal law perspective—their capability of carrying out reasonably
fair proceedings.
At theoretical level, in fact, explicit statements that conflicts of interests shall be
avoided, and supervisory decision-making bodies and staff shall be preserved from
undue influence may be found in basically every system. In daily oversight, how-
ever, good intents risk to be substantially downgraded by bad practices, supported
by somewhat ambiguous structural rules shaping the organization of most regula-
tory authorities.
A first weakness concerns the recruitment procedure of the heads of the supervi-
sory agencies, which in most cases also means of their decision-making bodies. At
first glance, in fact, Core Principle 2 hinders with political intrusion in the action of
banking supervisors.28 Nonetheless, assessments of these models shall not be made
only in light of independence, but also of accountability requirements. In this sense,
a political appointment, problematic under the parameter of independence, is gener-
ally unavoidable and even desirable to confer democratic coverage over technical
bodies granted with enormous powers to interfere with the rights and private life of
citizens.
To comply with both principles, therefore, it becomes pivotal the choice of which
political body is entitled to make such appointments.
Supervisory models which favour a primary role of the Executive rather than of
the Parliament may in fact rise concerns not only for the compliance with the BCBS
Principles, which clearly require independence from governmental influence. That
27
The importance of independence and absence of conflict of interests has been reaffirmed also in
the 2011 Financial Stability Oversight Council Annual Report, cf. FSOC (2011), p. 118.
28
Cf. BCBS (2012), Core Principle 2, Essential Criterion 1.
is for instance the case of the US where, as previously illustrated, all supervisory
chairpersons are directly appointed by the President with the confirmation of the
Senate. Since chairpersons have substantial powers in appointing the boards respon-
sible to lead regulators, the connection of supervisors with the US Government is
rather straightforward.29 In the EU, on the contrary, the link between national gov-
ernment and supervisors is not so direct, even if at least part of the reasons for this
difference lays on the politically fragmented structure of the Union.
Indeed, as far as the EU institutions are involved, while the European Parliament
has a voice in the choice of most Chairpersons of EU authorities, it is the European
Council that determines the composition of the SSM and SRM’s Executive Boards.30
The majority of the components of the Governing Council, however, are appointed
at national level.31 Since these appointments follow 28 (or 19 for the Eurozone) dif-
ferent sets of rules, potentially diverging in relevant aspects, such as fit and proper
evaluations, or length of mandates, the precise relationship between governmental
powers and a fair part of banking supervisor’s managements is at least not so easy
to reconstruct.
This situation could therefore result even more critical than in the US: Indeed
where centralised governmental bodies are not supported by a clear and direct dem-
ocratic mandate, as it is the case of the EU,32 governmental appointment may result
critical not only for independence reasons, but also with regard to the rule of law. In
the current legal framework, however independence of supervisory tasks is guaran-
teed by Article 19 SSM R, according to which the “ECB and the national competent
authorities acting within the SSM shall act independently. The members of the
Supervisory Board and the steering committee shall act independently and objec-
tively in the interest of the Union as a whole and shall neither seek nor take instruc-
tions from the institutions or bodies of the Union, from any government of a Member
State or from any other public or private body”.33
Accountability is instead addressed by Article 20 SSM R, which states that the
ECB shall be responsible to both the European Parliament and the Council for the
implementation of supervisory tasks, and shall provide information to the European
Parliament, national parliaments, the Commission, the euro Group, the Council, and
national parliaments,34 through annual reports or through oral or written hearings.
29
Cf. above, Chap. 5.
30
Analysing the degree of independence of the SSM against the European Parliament, Masciandaro
and Nieto (2014, p. 18 et seq.
31
32
On the limits to the delegation of administrative powers to EU agencies in light of the Meroni
doctrine, see Wolfers and Voland (2014), p. 1490 et seq. On the judicial and political accountability
of the SSM, see also Duijkersloot et al. (2017).
33
Cf. also Recital (75) SSM R.
34
In light of the impact of the SSM decisions (also) at domestic level, national parliaments may
address to the ECB reasoned observations on the annual report; request the ECB to reply in writing
to their observations; invite the Chair of the Supervisory Board to participate in an exchange of
views in relation to the supervision of banks in that Member State together with an NCA represen-
tative, cf. Article 21 SSM R.
To establish good relationships, and exchange of information with the other EU

institutions, the SSM has also concluded an Inter-Institutional Agreement with the
European Parliament35 and a Memorandum of Understanding with the Council.36
In the context of the SSM, however, there are no formal sanctions in case the
principles of independence and accountability are breached (unless they could be
classified as potential frauds to the budget of the Union, which fall under the com-
petence of the European anti-fraud office OLAF).37
The SSM results critical under Core Principle 2 under two other profiles: The
prominent role of Member States (and national law), and the relationship with the
ECB monetary policy tasks.38
First, as anticipated, according to Article 10 of the ECB Statute, most of the
Governing Council’s members are appointed at national level (and the same goes
for most of the Boards of the ESAs39), following diverging national regulation: Such
members are thus subject to different regimes of (also) accountability, a feature
which does not appear in compliance with the clarity requirements prescribed by
the Basel Committee.
Identifying which is the liable authority (e.g. for damages towards supervised
entities) is not straightforward also in proceedings characterized by the cooperation
between the ECB and national authorities. It could however be argued that where
the first is requesting the (compulsory) assistance of the NCAs ex Article 6(3) SSM
R national supervisors have no choice but to assist the ECB, so it is the latter which
shall be held responsible for the whole supervisory activity.40 The excessive reliance
of the SSM on national resources is also problematic for determining who is the
ultimate responsible for the supervisory decisions adopted. This issue is especially
relevant in daily supervision carried out by Joint Supervisory Teams, which, in the
35
Cf. Interinstitutional Agreement between the European Parliament and the European Central
Bank on the practical modalities of the exercise of democratic accountability and oversight over
the exercise of the tasks conferred on the ECB within the framework of the Single Supervisory
Mechanism, (2013/694/EU), O.J. 2013, L 320/1, based on Article 20(8) SSM R. Cf. also
Masciandaro and Nieto (2014, p. 21 et seq, highlighting also the fundamental role played by the
Court of Justice in reviewing the ECB decisions.
36
Memorandum of Understanding between the Council of the EU and the European Central Bank
on the cooperation on procedures related to the Single Supervisory Mechanism (SSM) of
11.12.2013. https://www.ecb.europa.eu/ecb/legal/pdf/mou_between_eucouncil_ecb.pdf. Accessed
20 July 2018.
37
Cf. Recital (82) SSM R. OLAF’s competence over the ECB has been affirmed by the ECJ in the
notorious Commission v. European Central Bank, Case C-11/00, 10.07.2003, ECLI:EU:C:2003:395.
On the issue see Elderson and Weenink (2003), pp. 273–301, contra see Zilioli and Selmayr
(2001), p. 213. See above Sect. 2.3.4.
38
Affirming the overall compliance of the SSM legal framework with the principle of accountabil-
ity is Ter Kuile et al. (2015), pp. 187–188, according to “It is submitted that, in establishing bank-
ing supervision at EU level and in constructing this new task of the ECB, the legislature has duly
paid respect to the requirement of accountability”. On the same line, but more cautious, Wolfers
and Voland (2014), pp. 1488–1489.
39
Cf. Article 40 ESAs Regulation.
40
On the point, see Ter Kuile et al. (2015), p. 185. Cf. Sect. 4.4. And anyway, the ECB maintains
responsibility for the overall performances of banking supervision with regard to the tasks assigned
to it by the SSM Regulations.
words of the 2016 Special Report of the European Court of Auditors, are “heavily”
composed by “staff appointed by national authorities. Thus, despite its overall
responsibility, the ECB has insufficient control over the composition and skills of
supervision and inspection team”.41
Second, as anticipated, the SSM is part of the European Central Bank, which (in
this being similar to the Federal Reserve) is now responsible both for banking
supervision and the monetary policy in the Eurozone.
According to the SSM Regulations, the SSM shall act independently from the
ECB monetary tasks, but again, the only decision-making body for both areas is the
Governing Council (due to the lack of amendments to the Treaty).42
Even if the Mediation Panel has been established precisely to reduce potential
conflicts between the two areas, several are the critical issues which might affect the
day-by-day independent management of banking supervision. As again underlined
by the European Court of Auditors, in fact, “within the ECB the SSM Supervisory
Board does not exercise control over the supervisory budget or human resources.
This raises concerns about the independence of the two areas of the ECB’s work, as
does the fact that some ECB departments provide services to both functions without
clear rules and reporting lines that would minimise possible conflicts of objectives”.43
When it comes to banking regulators, however, the hotbed of conflict of
interests—which had been proved substantial in increasing the tragic consequences
of the 2006–2008 financial crisis both in the EU and in the US, showing serious
concerns for the independence of financial supervisors—regards the relation with
the relevant industry.
For instance, US credit rating agencies helped build an active market for securi-
ties related to home loans, and continued to do so despite signs of a deteriorating
mortgage market, providing top rating (AAA) for most of those financial products.
Unsurprisingly then, a vast majority of RMBS and CDO securities with AAA rat-
ings incurred substantial losses and was downgraded to junk securities starting from
mid-2008.44 The severe consequences of such conducts were highly exacerbated by
41
Cf. European Court of Auditors (2016), p. 11. Highlighting the need to face SSM issues of demo-
cratic legitimacy, transparency and accountability, also Antoniazzi (2015), pp. 318–369.
42
Cf. Sect. 5.2 for the Fed. Res., and Sect. 4.4 for the legal basis of the SSM in the TFEU. On the
issue of the ECB multiple functions, and of the consequences in terms of the supervisor’s liability,
see D’Ambrosio (2015), especially p. 124 et seq.; D’Ambrosio (2016), p. 299 et seq.; also with
respect to the NCAs Andenæs (2015), pp. 3–6.
43
Cf. European Court of Auditors (2016), Executive Summary No. VII and VIII, and table at p. 31.
Internal audit, IT resources and (the high-management of) the legal service are some of these
shared service.
44
“Mortgage-backed securities (MBS) are debt obligations that represent claims to the cash flows
from pools of mortgage loans, most commonly on residential property” (https://www.sec.gov/fast-
answers/answersmortgagesecuritieshtm.html). They might result especially risky if interest rate on
home loans decline, causing homeowners to refinance their mortgages and deprive the holder of
the security from future interest payments. Collateralized Debt Obligation (CDO) are instead
pooled assets—such as mortgages, bonds and loans (cf. https://www.nasdaq.com/investing/
glossary/c/collateral-trust-bonds) that serve as collateral for the CDO—that their level of risk var-
ies substantially, depending on their priority in the event of default.
the fact that, since the AAA score generally implies a less than 1% probability of
incurring defaults, these are also the only investments allowed to certain entities
with high public relevance, like pension funds, and insurance companies.
The causes of these gross inaccuracies in rating have been carefully analysed in
the years following the financial collapse. The most significant was identified pre-
cisely in the “inherent conflict of interest arising from the system used to pay for
credit ratings. Credit rating agencies were paid by the Wall Street firms that sought
their ratings and profited from the financial products being rated. The rating compa-
nies were dependent upon those Wall Street firms to bring them business and were
vulnerable to threats that the firms would take their business elsewhere if they did
not get the ratings they wanted.
Rating standards weakened as each credit rating agency competed to provide the
most favourable rating to win business and greater market share. The result was a
race to the bottom”.45
Regardless of these considerations, however, in the US, no significant structural
changes have been implemented by the 2010 Dodd-Frank Act to avoid similar phe-
nomena to occur again in the future.46 At theoretical level, the activity of credit rat-
ing agencies seems to be institutionally more controlled in Europe, where it falls
under the specific jurisdiction of ESMA47—even though the latter does not extend
its jurisdiction on rating agencies established abroad, but with influence of the
European financial market such as those placed in the US.
With specific regard to the banking industry, however, an extremely critical issue
for the independence of supervisors is the relation between their decision-making
bodies and credit institutions. Indeed, the duty of banking supervisors to perform
their tasks independently from the supervised entities, stands at the very core of the
concept of effective supervision both in the EU and in the US (distinguishing it from
self-regulation) Nonetheless, the lack of effective provisions to avoid conflict of
interests between supervisors and credit institutions was revealed as one of the main
causes of the 2006–2008 financial crisis.48
45
“Additional factors responsible for the inaccurate ratings include rating models that failed to
include relevant mortgage performance data, unclear and subjective criteria used to produce rat-
ings, a failure to apply updated rating models to existing rated transactions, and a failure to provide
adequate staffing to perform rating and surveillance services, despite record revenues. Compounding
these problems were federal regulations that required the purchase of investment grade securities
by banks and others, thereby creating pressure on the credit rating agencies to issue investment
grade ratings. Still another factor were the […] (SEC) regulations which required use of credit rat-
ings by Nationally Recognized Statistical Rating Organizations (NRSRO) for various purposes
but, until recently, resulted in only three NRSROs, thereby limiting competition”, cf. U.S. Senate
Permanent Subcommittee on Investigations (2011), p. 244 et seq. On the role played by credit rat-
ing agencies during the crisis, see also Black (2012), p. 1049 et seq.
46
Cf. Sect. 5.4.
47
For the role of ESMA in the European financial market, see Sect. 4.2. For technical standards in
force, see: https://www.esma.europa.eu/convergence/guidelines-and-technical-standards.
48
While provisions on the avoidance of conflict of interest are rather common at staff level, cf.
Barth et al. (2004), pp. 43–45.
Several are the structural and contingent reasons that led to this result; among the
first, especially problematic is the way supervisors’ funding systems have been set
up.
The Core Principles do not provide clear indications on this profile, to which
usually relatively little attention is paid by the public opinion as well as by academ-
ics, so that supranational standards establishing how banking supervisors should be
funded, ensuring at the same time their independence, are currently lacking, and
models differ from authority to authority. In most of the regulators here examined,
for instance, incomes derive from periodical fees paid by the supervised entities.49
While this model does not automatically cause problems in all legal contexts,
criticisms has been raised under various perspectives. On one side, it has been high-
lighted that it may put at risk the efficiency of supervisors «when the banks are
under strain (prociclicality)».
The use of such model in the eurozone, where no harmonization of funding
schemes has been established, may also increase discrepancies in funding fee struc-
tures and impair effective coordination with national supervisors.50 Lastly, private
premiums have tangibly proved critical in backgrounds characterized by the con-
centration of financial power in the hands of relatively few big financial groups. The
already-mentioned short sales realized by Goldman Sachs in 2006 are perhaps
quintessential examples of this phenomenon, but they are far from representing an
isolated case.51 Underlying conflicts of interest have actually been recognized as one
of the main reasons for a “culture of deference to bank management”, and a light-
handed approach by supervisors that—(at least) in the period preceding the last
financial crisis—did not efficiently oppose (or even explicitly authorized) an uncon-
trolled growth of high-risk operations, and financial institutions’ speculations to the
detriment of the investors and the market.
For instance, in the less renowned case of Washington Mutual Bank (WaMu), the
heads of the former Office for the Thrift Supervision (OTS)52 did not take any sig-
nificant action against the risks undertaken by the bank in over a 5-year period,
regardless of the frequent, numerous and substantial red flags pointed out by its own
examiners.53 Among some minor collateral structural deficiencies, post-crisis inqui-
ries found out that the main cause for the OTS lax and obstructive conduct towards
WaMu relied on its dependence on a system of “semi-annual fees assessed on the
institutions it regulated, with the fee amount based on the size, condition, and com-
plexity of each institution’s portfolio. Washington Mutual was the largest thrift
overseen by OTS and, from 2003 to 2008, paid at least $30 million in fees annually
to the agency, which comprised 12–15% of all OTS revenue”.54 As summarized by
49
Cf. Sects. 4.2 and 4.4, and Chap. 5.
50
Masciandaro and Nieto (2014, p. 20.
51
Cf. supra, Sect. 2.2.
52
Cf. Sect. 5.4.
53
Cf. U.S. Senate Permanent Subcommittee on Investigations (2011), p. 162.
54
Cf. U.S. Senate Permanent Subcommittee on Investigations (2011), pp. 164 and 230 et seq.:
“When asked why OTS senior officials were not tougher on Washington Mutual Bank, several
the WaMu’s former Chief Risk Officer, “Washington Mutual made up a substantial
portion of the assets of the OTS, and one wonders if the continuation of the agency
would have existed had Washington Mutual failed”.55
The OTS “unusually deferential” performances over the mortgage market in the
years preceding the burst of the crisis, authoritatively labelled as “a regulatory
approach with disastrous results”,56 and ““by far the softest” oversight of any fed-
eral bank regulator”57 eventually led to the abolition of the Office. The 2010 reform
however (even without taking into account the potential counter-effects of the 2017
Financial CHIOICE Act), left open the very core problem related to the OTS disas-
trous performances, as the Office was not the only federal banking regulator to be in
a high-risk position of conflict of interests with its own controlled subjects.58
For instance, also the Comptroller of the Currency (OCC)’s funding structure
relies on fees paid by its regulated entities, and appears to share a “self-restrictive”
policy quite similar to that applied by the OTS.59 Interestingly, it was precisely the
OCC the regulator selected to take over OTS’ tasks.
An equally careful approach needs to be adopted also when looking at the EU
context, where not only poor and fragmented regulatory supervision, but also hid-
den conflicts of interest have been at the basis of recent notorious financial scandals,
such as Libor/Euribor and Fortis Bank’s.60
In particular, it would be wise not to ease down on the idea that after the last
financial crisis all structural deficiencies have been effectively and promptly
reformed with the Banking Union project: Even in the new financial supervisory
system, in fact, conflicts of interest maintain a high potential in affecting the effi-
ciency of banking regulators.61
This being the context, the adoption for the Single Supervisory Mechanism and
for the Single Resolution Fund of the same premium fee system used by the OTS
persons brought up the issue of fees—that WaMu supplied $30 million or nearly 15% of the fees
per year that paid for OTS’ operating expenses”.
55
James Vanasek testimony before the U.S. Senate, cf. U.S. Senate Permanent Subcommittee on
Investigations (2010a), p. 10.
56
Cf. U.S. Senate Permanent Subcommittee on Investigations (2011), p. 162 et seq. See also
U.S. Senate Permanent Subcommittee on Investigations (2010b).
57
U.S. Senate Permanent Subcommittee on Investigations (2011), p. 209 et seq.: “It seemed as if
the regulator was prepared to allow the bank to work through its problems and had a higher degree
of tolerance that I had… seen with the other two regulators.… I would say that the OTS did believe
in self- regulation […]”.
58
Cf. Sect. 5.4.
59
“Because banking is essentially a business of managing risk, supervision is centred on the accu-
rate evaluation and management of risks. The OCC believes that bankers, and not regulators,
should manage their banks”, in OCC (2008), p. 17. For OCC structure, see also Sect. 5.3.
60
For Libor/Euribor scandals, cf. above Sect. 2.2. Analysing the Fortis Bank case, see Vervaele
(2014), p. 61 et seq., more recently, also on Libor/Euribor and BNP Paribas (the latter concerning
however an embargo violation), Vervaele (2017), pp. 170–174.
61
See, e.g., ECB Monthly Bulletin (2012), p. 95.
and the OCC, apparently without any serious publicly disclosed reservation, may be
considered as rather worrisome in light of the American experience.62
Completeness demands to recall, on the other side, that in the US also the SEC,
the only regulator exclusively paid by public funding, had not proven particularly
efficient before the burst of the crisis—as shown by its notorious failure to intercept
the faults in J.P. Morgan’s anti-money laundering structure, which allowed Bernard
Madoff’s fraudulent operations to be carried out for almost 20 years beginning in
the mid-1980s.63
Part of these serious deficiencies may be ascribed to the funding model of the
Commission, that repeatedly suffered from drastic cuts in its budget, which cer-
tainly and substantially affected its action—raising also some doubts about the will-
ingness of the political parties then holding the majority in the Congress to really
ensure a proper functioning of the SEC.64
In light of the above, mixed funding models, which combine both public invest-
ments and premium fees from supervised entities, like those adopted in the US by
the Federal Reserve, and in the EU by the three European Supervisory Authorities,
appear to be a more balanced option in a hedging bets perspective.65
At least in theory, in fact, this paradigm seems to avoid excessively burdening
public finances (de facto, linking the efficiency of banking supervisors exclusively
to the political will of the government in charge) and, at the same time, make super-
62
Cf. Recitals (77)-(78) SSM R: “The costs of supervision should be borne by the entities subject
to it. Therefore, the exercise of supervisory tasks by the ECB should be financed by annual fees
charged to credit institutions established in the participating Member States”, and Recital (19)
Regulation 806/2014, “The Fund should be financed by bank contributions raised at national level
and should be pooled at Union level in accordance with an intergovernmental agreement on the
transfer and progressive mutualisation of those contributions”.
63
The case did not end up with a decision on the criminal liability of the financial institution thanks
to an out-of-court agreement before the competent supervisory authority, where J.P. Morgan con-
sented to a settlement of overall $ 2.05 billion for wilful violations of the Bank Security Act, see
U.S. Department of the Treasury (2014) and FinCEN (2014). On the structure and powers of the
SEC, see also Sect. 5.3. Highlighting the SEC’s failure during the crisis also Moloney (2012b), p.
125 et seq.
64
The extent of the budget cuts is clearly exemplified by the Senate interview of Lynn E. Turner,
former Chief accountant of the SEC, which took place on 7.10.2008, reported in Ferguson (2010),
p. 27: “Rep. Peter Welch: A hundred and forty six people were cut from the enforcement division
of the e-, SEC; is that what you also testified to?
Lynn E. Turner: Yes. Yeah, I, I think there has been a, a, a systematic gutting, or whatever you
want to call it, of the agency and its capability, through cutting back of staff. […]
Rep. Peter Welch: The SEC Office of, uh, Risk Management was reduced to a staff, did you say,
of one?
Lynn E. Turner: Yeah. When that gentleman would go home at night, he could turn the lights
out”.
On this topic, see also Stewart (2011).
65
Cf. however Ferran (2012b), p. 78, highlighting the risk of undue influence on ESAs by the EU
Commission.
visors less likely to be unduly influenced by industry or governmental interests, in

line with the independence requirements expressed by Core Principle 2.66
6.1.2 D
issemination of Collected Information and Investigative
Overlapping in the US Regulatory Framework
According to Basel Core Principle 3, both at domestic and at the international level,
banking regulators shall possess the capacity of operating within an “effective net-
work of cooperation” established through “laws, regulations or other arrangements”,
while taking in due account the need to protect confidential information.67 May be
shared within such networks, but “only for bank-specific or system-wide supervi-
sory purposes and will be treated as confidential by the receiving party”.68
Confidential information, moreover, shall not be shared with third parties, unless
the request comes from a court order or mandate from a legislative body. If a super-
visor is legally compelled to disclose confidential information received from another
regulator, it shall promptly notify the latter indicating the information to be dis-
closed and the circumstances surrounding the release. In case consent to passing on
confidential information is not given, the requested supervisor “uses all reasonable
means to resist such a demand or protect the confidentiality of the information”.69
Essential Criteria to Core Principle 3 explicitly requires that, where needed,
there shall be “evidence” that cooperation agreements, both formal or informal,
“work in practice”.70 Such cooperation agreements shall be in place not only with
other banking regulators, but also with all authorities “with responsibility for the
safety and soundness of […] other financial institutions and/or the stability of the
financial system”.71
Against this background, supervisory systems characterized by a high number of
regulators—all equipped with investigative and sanctioning powers, and granted
with jurisdictions not clearly separated one from the other—may pose substantive
issues of (non-) compliance with the parameters established by the Basel
Committee.72
At first glance, Core Principle 3 appears to set standards more critical for the US
supervisory system than for the European one.
66
Concluding on an overall sufficient level of independence and accountability for the SSM,
Masciandro et al. (2014), p. 24 et seq.
67
Cf. also Core Principle 3 – Essential Criterion 3.
68
Cf. Core Principle 3 – Essential Criteria 3-4.
69
Cf. Core Principle 3 – Essential Criterion 4.
70
Cf. Core Principle 3 – Essential Criteria 1-2.
71
Cf. Core Principle 3 – Essential Criterion 1.
72
For an overview on main critical issues in multi-disciplinary (administrative and criminal law)
cooperation in the US and in the EU, see above Sect. 2.3.4.
Indeed, the regulatory model overseas presents not only a distinction—and

sometimes a duplication—between local and federal level, but also an organization
that distributes competences among different agencies73 according to the type of the
activities exercised by the controlled entity (deposit funds, bank holding companies,
credit unions, commercial and investment banks, and so on), perhaps without taking
in due account that, following the deregulatory reforms of the 1980s and 1990s,
several concerns may be raised as to whether this criterion is still capable to ade-
quately classify financial institutions.
At the academic level, the multiplicity of supervisory authorities has been differ-
ently interpreted, giving rise to opposite orientations. Some scholars consider the
overlapping of regulatory agencies as a detrimental fragmentation that is weakening
the public oversight on matters that require a sharper and coordinated response; oth-
ers believe it to be a fruitful abundance, necessary and needing to be further devel-
oped to encourage virtuous competition and make regulators more responsive to the
proliferation of financial malpractices and crimes.74
While in theory both arguments may be sustained, in practice the option in favour
of competition among regulators may have lost some of its charm in the last decade.
The issue is again well showed by the OTS misfunctioning example.
As discovered in the course of the Senate Committee investigations, in fact, the
policy of this Office was not limited to a guilty indulgence towards its controlled
entities: It but resulted also in such a positive obstructive behaviour against the fel-
low “competitors” (FDIC examiners), with whom the OTS was sharing its oversight
task, that the relationship between the two agencies has been formally targeted as a
“turf war” ended with a “hasty seizure and sale”.75
73
Cf. Wymeersch (2007), p. 53; for an overview of all main federal US financial regulators, cf.
Chap. 5.
74
In favour of a reduction of the number of regulators see, e.g., U.S. Senate Permanent Subcommittee
on Investigations (2011), p. 36; Myers (2011); on the opposite view a consistent part of the US
scholars: Romano (2001), Kane (1984) and Kupiec and White (1996); also to avoid that a single
regulator monopoly may be affected by excessive power, cf. Llewellyn (1999) and Briault (1999).
75
Cf. U.S. Senate Permanent Subcommittee on Investigations (2011), pp. 177 and 198 et seq.:
“Beginning in 2006, OTS management expressed increasing reluctance to allow FDIC examiners
to participate in WaMu […] OTS officials employed a variety of tactics to limit the FDIC oversight
of the bank, including restricting its physical access to office space at the bank, its participation in
bank examinations, and its access to loan files. In July 2008, tensions between the FDIC and OTS
flared after the FDIC sent a letter to OTS urging it to take additional enforcement action […] OTS
not only rejected that advice, but also expressed the hope that the FDIC would refrain from future
unexpected letter exchanges. In a separate email, Scott Polakoff, a senior OTS official called the
FDIC letter inappropriate and disingenuous […] OTS even went so far as to limit the FDIC’s
physical access to office space, as well as to needed information, at WaMu’s new headquarters.
[…] OTS also restricted the FDIC’s access to an important database that all examiners used to
review WaMu documents […] from July until November 2006, a period of about four months, the
FDIC examiners were denied access to both office space on the bank’s premises and the examiner’s
library. At the same time OTS was withholding office space and database access from the FDIC
examination team, it also, for the first time, refused an FDIC request to participate in an OTS
examination of WaMu”; see also p. 208: “The WaMu case history demonstrates how important it
is for our federal regulators to view each other as partners rather than adversaries in the effort to
ensure the safety and soundness of U.S. financial institutions”.
The picture under this profile was not really significantly improved by the fact
that several Memoranda of Understanding to enforce the efficiency of the system
and regulate the dissemination of information among supervisory agencies, have
been agreed upon among US banking regulators. These Memoranda play a particu-
larly relevant role in financial investigations, for instance requiring that, when rea-
sonable suspicions of a crime are raised, all related information may freely circulate
among administrative and criminal agencies, without any possibility to oppose
effective restraints, for instance related to privacy protection.76
Most of financial institutions active in the market of subprime mortgages and
their derivate financial products in the early 2000s, such as banks (e.g Bank of
America, Citigroup, J.P. Morgan-Chase, Wells Fargo), thrifts (for instance
Countrywide Financial Corporation, IndyMac Bank, Washington Mutual Bank) and
security firms (like Bear Stearns, Goldman Sachs, Lehman Brothers, Merrill Lynch,
Morgan Stanley, but also asset management arms of large banks, as Citigroup,
Deutsche Bank, and again J.P. Morgan-Chase), were actually operating under the
constant oversight of federal supervisory regulators while engaging in increasingly
high risk financial operations, and potentially criminal conducts, that led to the burst
of the financial crisis.
As reported by the US Senate, in fact, “in the area of high risk mortgage lending,
for example, bank regulators allowed banks to issue high risk mortgages as long as
it was profitable and the banks quickly sold the high risk loans to get them off their
books.
Securities regulators allowed investment banks to underwrite, buy, and sell mort-
gage backed securities relying on high risk mortgages, as long as the securities
received high ratings from the credit rating agencies and so were deemed “safe”
investments. No regulatory agency focused on what would happen when poor qual-
ity mortgages were allowed to saturate U.S. financial markets and contaminate
RMBS and CDO securities with high-risk loans.
In addition, none of the regulators focused on the impact derivatives like credit
default swaps might have in exacerbating risk exposures, since they were barred by
federal law from regulating or even gathering data about these financial
instruments”.77
The situation in the US does seem significantly improved in the aftermath of the
post-crisis reforms. Similarly to other critical profiles mentioned above, in fact, also
the criticism arising from agencies overlapping was not satisfactorily tackled in the
2010 Dodd-Frank Act, which on the point appears quite inconclusive.
Indeed, whilst the Act, from one side, abolished an ineffective regulator as the
OTS, on the other side, it also increased the number of competent federal supervi-
sory agencies, potentially boosting rather than reducing, the overlapping
phenomenon.78
76
Cf. Lambrakopoulos et al. (2017), p. 11.
77
All references may be checked in the result of the investigations carried on by U.S. Senate
Permanent Subcommittee on Investigations (2011), p. 41.
78
Cf. Sect. 5.4.
6.1.3 D
issemination of Collected Information
Within the Single Supervisory Mechanism: Overview
of Main Critical Issues
Against the complexity of the US regulatory model, the European Union supervi-
sory system resulting from the 2011–2015 reforms and based on the Single
Supervisory Mechanism may appear quite straightforward, finally seeking for a
more effective centralized oversight, and certainly achieving an improvement if
compared to the previous highly fragmented national supervisory practice and regu-
lations.79 Nonetheless, also within the Banking Union, several are the lacunas and
discrepancies, which are raising the very same critical questions described in the US
supervisory model.
First, while the European System of Financial Supervision (ESFS) and the whole
apparatus for bank crises management (SRM, SRF, EDIS and DGS80) apply to all
28 EU Member States, the Single Supervisory Mechanism is in principle opera-
tional only in 19 States (the Eurozone),81 and thus has to cooperate with both the
ESFS and national supervisory authorities for what exceeds its direct competences
(for instance, if on-site inspections need to be carried out on a branch of a super-
vised credit institution located outside the participating Member States).
Moreover, even within its limited jurisdiction, the SSM is not providing for a
form of supervision completely alternative to banking national regulators. The latter
indeed retain relevant competences towards all less significant institutions (which
operate in the same financial market of significant ones), in the exercise of the (indi-
rect) sanctioning powers ex Article 18(5) SSM R, and in fundamental areas such as
AML/CFT and consumer protection policies (not to mention in the relationships
with domestic judicial authorities).
The ECB has therefore to heavily rely on the cooperation with national supervi-
sors; good relationships with the NCAs are necessary also in the aforementioned
case of Article 9(1) SSM R, where the SSM sends binding instructions to national
authorities.82
In such a composite framework, it is then understandable why a significant part
of the SSM Regulations aims at reinforcing forms of cooperation among and
towards national authorities, and also why, even if the Banking Union system inau-
gurated a model grounded on the action of the Single Supervisory and Resolution
Mechanisms, the (pre-existing) European Banking Authority maintains a relevant
role in facilitating inter-agency relations.83
79
Cf. above Chap. 4; cf. Shapiro (1997); Brodowski (2011).
80
81
Besides for the possibility for States externals to the Eurozone to participate in the ECB central-
ized supervision, cf. Article 7 SSM R. Cf. above, Sect. 4.2.
82
Cf. Sect. 4.4.1.
83
Cf. Chapter II SSM R, and from Part V on of the SSM FR. On the role of EBA in the Banking
Union, see also Cappiello (2015); Gortsos (2016), p. 277 et seq. Cf. also Sect. 4.2.
Against this background, compliance with Core Principle 3 requiring effective

cooperation networks represents a main challenge for banking regulators in Europe
too, and especially for the Single Supervisory Mechanism.
Indeed, critical issues on cooperation for this authority do not exclusively derive
from the BCBS Core Principles, but arise also within the same scope and mandate
of the SSM, and in particular from the provisions in the SSM Regulations concern-
ing information sharing.
A thorough analysis of these problems—mostly due to the uncertainties related
in EU law to the protection of professional secrecy, and the recognition of privileges
and immunities to the ECB members of staff, still in lack of specific case-law on the
matter84—exceeds the remit of this work.85 Even from a necessarily synthetic over-
view, however, it can be noticed how the complex relationships surrounding the
activity of the SSM raise serious questions as to whether the cooperation network in
which the Mechanism operates may be considered “effective”.86
Indeed, according to Article 20 SSM FR, the ECB and the NCAs shall cooperate
in good faith, and be subject to an obligation to share information among each other
on an on-going basis.87
The exchange of confidential information is regulated by Articles 53–62 CRD
IV/V, according to which the latter could be used only for a limited list of purposes
related to supervisory activities.88 In general, however, the obligation to provide
information to, or to exchange information within the SSM, prevails over profes-
sional secrecy. In case of third parties, protection of confidentiality follows the rules
established by Articles 431 and 432 CRR, which allow banking supervisors to par-
tially omit the disclosure of such information to the public.
Dissemination of confidential information with supervisory authorities or with
other authorities or bodies located in third countries is instead regulated by specific
bilateral cooperation agreements (Memoranda of Understanding—MOUs) with the
SSM or the NCAs.89
84
Even though cases already occurred in practice. The reference goes to the seizure of ECB docu-
ments and computer hardware, carried out by Slovenian authorities on July 6th 2016, as part of a
national investigation against central bank officials, while the ECB had not given prior authoriza-
tion for it. For that, in May 2017 the Commission has started an infringement procedure against
Slovenia, cf. https://www.reuters.com/article/us-eu-slovenia-ecb/eu-executive-acts-against-slove-
nia-over-ecb-data-incident-idUSKBN18117A. Accessed 20 July 2018.
85
The issue of professional secrecy however is dealt with, in the analysis of the privilege against
self-incrimination in SSM supervisory proceedings applying punitive administrative sanctions cf
Sects. 6.3.5 and 6.3.6. Both the issues of professional secrecy and ECB staff immunity have been
raised by Allegrezza and Rodopoulos (2017). On this issue, see also Athanassiou (2011);
D’Ambrosio (2015); Arons (2015), p. 469 et seq. For the role of confidentiality in the exchange of
information between FIUs, see above, Sect. 3.3.
86
See, e.g., Chiu (2016), p. 67 et seq.; Kern (2016), p. 253 et seq.
87
Cf. also Article 21 SSM R.
88
Cf. Article 54 CRD IV.
89
Cf. Article 55 CRD IV/V and Article 3(6) SSM R. The ECB has signed MOUs with several third-
parties, such as Banco Central do Brasil, or the Central Bank of the Republic of Turkey.
Such Memoranda, to be reviewed on a regular basis, shall assure that disclosure

of confidential information may occur only subject to a guarantee that professional
secrecy requirements in that third country are at least equivalent to those established
by CRD IV/V. In any case, information may be shared only to perform the supervi-
sory tasks of those authorities or bodies. Where the information originates in another
Member State, the dissemination also requires the express agreement of the authori-
ties which have originally disclosed it.90
Lastly, following Article 57 CRD IV/V, in case of breaches of company law, and
to strengthen the stability and integrity of the financial system, relevant information
may be shared also with authorities or bodies responsible for the detection and
investigation of such breaches.
In particular, according to Article 71 CRD IV/V, banking supervisors shall estab-
lish “effective and reliable mechanisms to encourage reporting of potential or actual
breaches” to the competent authorities.
Under this profile, if, carrying out its tasks under the SSM Regulation, the ECB
has reason to suspect that a criminal offence may have been committed, the latter is
subject to internal and external reporting obligations. At the internal level (i.e.
within the EU institutional framework), the ECB has to report suspicions of illegal
activity to the European Anti-fraud Office (OLAF), whose competence extends also
on the European Central Bank.91
Such reporting duty has been detailed in ECB Decision 2016/456 of 4 March
2016, which at Article 3 requires the ECB to report to OLAF, without delay, any
information which gives rise to a suspicion about the existence of possible cases of
fraud, corruption or any other illegal activity affecting the Union’s financial inter-
ests.92 Normally, any member of the ECB staff who becomes aware of the suspi-
cions (including temporary personnel, or members of staff of national competent
authorities who are part of joint supervisory teams and on-site inspection teams, in
matters related to their work for the ECB) shall hierarchically made such report to
either the Director Internal Audit, the senior manager in charge, or the member of
the Executive Board who is primarily responsible for his/her business area. The
latter persons shall then “without delay transmit the information to the Director-
General Secretariat”, that shall, again without delay, transmit it to OLAF.93
In case there are “justified reasons” to consider that in practice the hierarchical
referral mechanism would not work properly, and there is “concrete information
supporting the possible existence” of illegal activities internal to the ECB, the report
may be done directly to OLAF, skipping internal controls.94
90
Cf. Article 55 CRD IV/V.
91
Cf. note 29.
92
Decision (EU) 2016/456 of the European Central Bank of 4.03.2016 concerning the terms and
conditions for European Anti-Fraud Office investigations of the European Central Bank, in relation
to the prevention of fraud, corruption and any other illegal activities affecting the financial interests
of the Union (ECB/2016/3).
93
Cf. Decision (EU) 2016/456, Article 3(1) and (3).
94
Cf. Decision (EU) 2016/456, Article 3(4).
Deviations from this standard procedure may be found only in exceptional cases,
(but rather broad) where the sensitivity of the information “could seriously under-
mine the ECB’s functioning”, such as when the information concerns: Supervisory
tasks; the stability of the financial system or individual credit institutions; monetary
policy decisions; operations related to the management of foreign reserves and
interventions on foreign exchange markets; or the euro banknotes’ security features
and technical specifications.95 In these cases, the decision to exchange relevant
information with OLAF shall be taken by the Executive Board.
On the other side, on an external, or vertical dimension (ECB-Member States), if
reason to suspect that a criminal offence may have been committed emerges, the
SSM is subject only to an indirect duty to refer the matter to judicial authorities.
According to the already mentioned Article 136 SSM FR,96 the SSM is not sub-
ject to direct referral duties before to national judicial authorities, but it “shall”
request the competent NCA to do so, in accordance with national law. In particular,
from the wording of this provision, it seems that the ECB is under the obligation to
make a referral to the NCA (“shall”), while whether the latter enjoys discretion or
not in reporting suspicious information to judicial authorities remains a matter sub-
ject to the rules in the applicable national regulation.97
The opposite case in which disclosure of information is requested by national
judicial investigating authorities, is instead dealt with by ECB Decision 2016/1162
of 30 June 2016 on disclosure of confidential information in the context of criminal
investigations.98 According to it, ECB, NCAs and judicial authorities shall act in
respect of the general principles of sincere cooperation and good faith, which repre-
sent a corner stone of the EU legal framework.99
Against this background, Article 2 of the Decision specifies that, when requests
concerning supervisory or other ECB tasks are received by the ECB, the response
shall be provided by the competent NCA on behalf of the ECB.
Information may be disclosed if that is due to an expressed obligation under
Union or national law, or if that is admissible under the relevant legal framework
and “there are no overriding reasons for refusing” to do so, such as “the need to
safeguard the interests of the Union or to avoid any interference with the function-
ing and independence of the ECB, in particular by jeopardising the accomplishment
of its tasks”.
95
Cf. Decision (EU) 2016/456, Article 4, and Recital (9).
96
Cf. Sect. 4.4.3; and below, Sect. 6.3.5–6.3.6.
97
Comparative analysis shows that in a majority of Eurozone countries, NCAs are under an obliga-
tion to report suspicions of a crime emerged during their supervisory activity to the competent
judicial authorities (AT, BE, DE, FR, IE, LU, and de facto IT), while in a minority of countries
NCAs retain margin of discretion in whether to inform the judicial authorities (EL, NL). Cf.
Lasagni and Rodopoulos (2019).
98
Decision (EU) 2016/1162 of the European Central Bank of 30.06.2016 on disclosure of confi-
dential information in the context of criminal investigations (ECB/2016/19).
99
Cf. Decision (EU) 2016/1162, Recitals (3) and (8).
In this regard, it has been underlined that reporting obligations deriving from
Decision 2016/1162 appear inconsistent with the ECB reporting obligations deriv-
ing from Article 9(1) SSM R, according to which the SSM “shall have all the pow-
ers and obligations, which competent and designated authorities shall have under
the relevant Union law, unless otherwise provided for by this Regulation”.100 Indeed,
while the SSM Regulation seems to equalize the position of the SSM with that of
NCAs (including a duty to report suspicions of crime to judicial authorities, where
so provided at national level), Decision 2016/1162 leaves much more discretion to
the ECB. This discretion, moreover, does not find its legal bases in the SSM
Regulation, requested under Article 9 SSM R, but by a subsequent ECB Decision.
Both in this case, and when reporting duties apply at the internal level (OLAF),
critical issues arise also with regard to the immunity recognized to the ECB/SSM
members of staff. The scope of such immunity shall be measured with regard to EU
law101 as interpreted by the Court of Justice, and (especially until a solid SSM-
related case-law will be developed by the CJEU) taking into account the jurispru-
dence provided for by the ECtHR and national courts on the matter.102
At present, useful indication about the SSM scope of the discretion in refusing
the production of documents to judicial authorities may be found in the 1990 CJEU
Order in Zwartveld, concerning the request of a Dutch prosecutor to disclose both
inspection results gathered by the Commission in the field of fish market, and the
identity of the inspectors.103
In that case, the Court recognized to the Commission the discretion to refuse
documents production “to a national judicial authority on legitimate grounds con-
nected with the protection of the rights of third parties or where the disclosure of
this information would be capable of interfering with the functioning and indepen-
dence of the Community, in particular by jeopardizing the accomplishment of the
100
Cf. Allegrezza and Rodopoulos (2017), p. 246, according to which “it is noteworthy that no
limitations of liability or immunities of the ECB and the SRB are provided for by the texts, despite
similar provisions that are found in national legal systems with regard to national supervisory
authorities. However, according to opinions expressed in the doctrine, limitations can be justified,
either on the legal basis of ‘the general principles common to the laws of the Member States’, or
the criterion of ‘sufficiently serious violation’, as this has been formed by the CJEU case law”.
101
Including Articles 274 and 343 TFEU; Article 39 of the ECB Statute (Protocol no. 4 to the
TFEU); Protocol No. 7 to the TFEU On the Privileges and Immunities of The European Union;
Regulation (EU, Euratom) No 883/2013 (OLAF Regulation); and the Headquarters Agreement
between the Government of the Federal Republic of Germany and the European Central Bank
concerning the seat of the European Central Bank, of 18.09.1998 [SEC/GovC/4/98/07].
102
See, e.g., ECtHR, Waite and Kennedy v. Germany, 18.02.1999, Application No. 26083/94, § 63;
and Greenpeace Nederland and Procurator General at the Supreme Court of the Netherlands
(intervening) v Euratom, Judgment on Appeal in Cassation, Decision No LJN: BA9173, RvdW
(2007) No 992, NJ 2008, 147, ILDC 838 (NL 2007), 13.11.2007, (Netherlands Supreme Court),
where the immunity was refused on the basis that functional immunity test requires it to assess
“whether or not the acts in question are immediately connected to the tasks entrusted to the
organisation”.
103
J.J. Zwartveld and Others, Case C-2/88 Imm., Order of the Court of 6.12.1990,
ECLI:EU:C:1990:440.
tasks entrusted to it”,104 only as long as the Commission was able to provide con-
crete, reasoned and specific evidence of these risks.105
On the other side, according to Decision 2016/1162, when the request is received
by an NCA and when the information required “is material, or that disclosure
thereof has the potential to adversely affect the reputation of the SSM”, the NCA is
under the obligation to seek the ECB advice on whether it is appropriate to comply
with the request, informing it in a timely manner, and “in any event, before provid-
ing a final response” to the judicial authorities.106
Here, it is the position of NCAs that appears particularly critical: In fact, on one
side, the NCA shall presumably follow the advice of the ECB on whether to comply
or not with the request, but on the other side, refusal to provide the information may
be considered as a crime by national legislation.107
A last relevant issue which shall be highlighted with regard to cooperation net-
works in SSM supervisory proceedings concerns the uncertainties about the stan-
dards of admissibility within administrative proceedings for information collected
under criminal procedural rules, and vice versa.108
The first hypothesis results less critical under a strict criminal law perspective,
since guarantees for defendants in criminal investigations are usually higher than
those established in administrative proceedings. This situation has been considered
by the Court of Justice in its 2015 decision WebMindLicence, concerning the use of
information collected through wiretapping, and the seizure of e-mails (this latter
lacking the necessary judicial authorization) during criminal investigations in a tax
administrative proceeding.109
In this case, the Court indicated that not only the proportionality of investigative
measures shall be assessed to determine the legitimacy of limitations to a funda-
mental right enshrined in the Charter (Article 7, in the specific case). Moreover the
same test shall be applied also to assess the “use” of the evidence so obtained at
trial.110
104
Id., § 11.
105
Id., §§ 11-13.
106
Cf. Decision (EU) 2016/1162, Article 3.
107
As it is, for instance, the case of Banca d’Italia, according to Article 7(1)(2) of Legislative
Decree no. 385, of 1.09.1993 (“Testo Unico Bancario”-TUB).
108
For a general framework of critical issues on the matter, see above, Sect. 2.3.4.
109
WebMindLicenses kft v Nemzeti Adó- és Vámhivatal Kiemelt Adó- és Vám Főigazgatóság, Case
C-419/14, 17.12.2015, ECLI:EU:C:2015:832.
110
Id., § 80, as highlighted by Tesoriero (2016), p. 1542 et seq. While the Court affirms this prin-
ciple with regard to transversal cooperation (administrative and criminal trial), it remains open the
question whether the same test shall be applied also within the same (administrative or criminal
proceeding). In case of a positive answer, it should then be necessary to examine separately not
only whether the investigative measure is in itself within the limits of Article 52(1) CFREU, but
also if the admission of that evidence at trial is in compliance with the same parameters. Among
the authors highlighting also the critical issues emerging from the lack of shared standards of
defence rights see, e.g., Gless (2013), p. 90; Klip and Vervaele (2002); Ruggeri (2015), p. 147 et
seq.; Caianiello and Di Pietro (2016); Mangiaracina (2004), p. 2194; Di Federico and Di Chiara
(1994); Traverso (1997); Allegrezza (2008a); Kostoris (2017).
The CJEU concluded that the administrative court receiving such information
“must be able to verify whether the evidence on which that decision is founded has
been obtained and used in breach of the rights guaranteed by EU law and, espe-
cially, by the Charter. That requirement is satisfied if the court hearing an action
challenging the decision […] is empowered to check that the evidence upon which
that decision is founded”.111
The receiving court, therefore, shall proceed with a double proportionality test:
First to verify whether the measures adopted to obtain the information did not go
beyond what is necessary to pursue the objective of general interests protected by
criminal proceeding; and afterwards, to verify whether its admissibility is propor-
tionate with the aim of the administrative proceeding, in the sense that the informa-
tion could not have been obtained by means of investigation that interfere less with
the rights at stake.112
This double-proportionality test, as it has been underlined, may be applied also
in the opposite case, much more critical in terms of fair trial rights protection, that
is when the information is transmitted from an administrative authority, e.g. a bank-
ing supervisor, to judicial ones.113 In this case, in fact, effective dissemination of
information could be impaired by criminal procedure rules on the admission of
evidence, according to which (in principle) information cannot be used in criminal
proceedings if it has been collected at administrative level in violation of “core”
procedural fair trial rights.114
Even besides for any consideration on the substantive nature of certain supervi-
sory sanctions,115 this is therefore a first reason why administrative authorities,
including the ECB in its supervisory capacity, shall take fundamental criminal pro-
111
Id., §§ 86-89.
112
Id., §§ 75 and 82.
113
Cf. Tesoriero (2016), p. 1540.
114
In this sense, while all procedural rights provided for by Articles 6 ECHR and 47-48 CFREU are
fundamental fair trial rights, “core” procedural fair trial rights are considered only those whose
violation is never tolerated by the case-law of the European Courts (for the time being, especially
by the ECtHR—although without that necessarily meaning the application of exclusionary rule,
since the Court in Strasbourg has never recognized automatic exclusions besides for violations of
Article 3 ECHR—on this see below Sect. 6.3.5). Lacking a shared notion of what exactly this
“core” is composed of, in this work this expression is used to refer to those procedural rights which
apply to every proceeding, regardless of its nature (Article 41 CFREU), plus those of Article 6
ECHR (and their correspondents in Articles 47-48 CFREU) that the ECtHR has selected as essen-
tial to be complied with also in case of administrative proceedings with substantive criminal nature
according to the Engel criteria. This definition allows a general identification of the “core” rights,
but critical issues still remain open concerning then the precise identification, within each of these
rights, of the procedural rules that identify the “core” of each of these rights (e.g., in the privilege
against self-incrimination, is it enough to be able to exercise the right, or also being informed of
the possibility to remain silent is indispensable not to violate the “core” of this right?). This highly
critical problem is not solved in general terms in this work, but a proposal of which are the “core”
procedural rights, also in their more detailed application, shall be complied with in the sanctioning
proceedings of the Single Supervisory Mechanism, is carried out below, in Sect. 6.3.
115
Cf. below, Sect. 6.2.
cedural rights into account: Not doing so, could not only prevent the supervisor
from operating within an “effective network of cooperation”, as required by Basel
Core Principle 3. It could also affect the efficiency of information exchange pre-
cisely in the most serious cases, where violations are so severe to require the inter-
vention of judicial authorities.
Lastly, and contrary to the US, in the EU, the relatively recent establishment of a
single supervisor may also present critical issues concerning cooperation under a
rather peculiar point of view.
A short-term perspective, in fact, sees an oversight on major European banking
groups that is no more exercised by NCAs, while the SSM—already operative—is
still struggling on several fronts to get effective. Integrating its internal legal frame-
work to cover all (or at least most) aspects of a complex system of banking supervi-
sion; gathering the adequate resources to perform its tasks (especially in terms of
personnel); trying to establish effective forms of cooperation with the NCAs, that
have to acquire a “secondary” role where they first had exclusive competence, and
establish relations with third countries supervisory authorities (such as the US), and
with the supervised credit institutions themselves (which in some cases challenged
the ECB before the Court of Justice to precisely to avoid its supervision116): These
are all challenges that still engage the ECB after almost five years from the estab-
lishment of the SSM.
Taking into account the necessary time frame to achieve so, the EU, and espe-
cially the Eurozone shall not therefore underestimate the risk of temporary lacunas
or blind spots in banking supervision, to avoid the whole SSM system to be torn to
shreds from its very outset.
6.2 B
anking Supervisory Sanctions in the EU: A New Field
of Criminal Law?
Both in the EU and in the US, banking supervision is a matter clearly regulated
under the label of administrative law.
Supervisory sanctions, therefore, formally have an administrative nature. This
choice finds confirmation also in the Regulations of the Single Supervisory
Mechanism, which entitles the ECB to impose only administrative penalties117).
116
Cf., recently, Landeskreditbank Baden-Württemberg - Förderbank v European Central Bank,
Case T-122/15, 16.05.2017, ECLI:EU:T:2017:337 and also, although on different grounds, Crédit
mutuel Arkéa v European Central Bank, Case T-712/15, 13.12.2017, ECLI:EU:T:2017:900 cur-
rently appealed before the ECJ, see Crédit mutuel Arkéa v ECB, Case C-152/18 P, 20.04.2018; and
Crédit mutuel Arkéa v European Central Bank, Case T-52/16, 13.12.2017, ECLI:EU:T:2017:902,
currently appealed before the ECJ, see Crédit Mutuel Arkéa v ECB, Case C-153/18 P, 23.02.2018.
Interestingly, however, the number of credit institutions subject to direct ECB supervision has
decreased since the Mechanism entered into force in 2014.
117
This option is provided for by Article 65 CRD IV, as described above in Sect. 4.3–4.4. This limi-
tation that, as previously discussed, may become critical in case Member States would decide to
6.2 Banking Supervisory Sanctions in the EU: A New Field of Criminal Law? 185
As renowned however, at least in Europe the classification made at statutory

level represents only a residual criterion to determine the nature of a sanction, due
to the substantial interpretation of matière pénale, developed by the Court in
Strasbourg with the Engel doctrine.118
This case-law results particularly relevant for the system(s) of European banking
supervision as, thanks to its adoption by the Court of Justice in the landmark cases
Hüls AG, Spector, Bonda and Fransson discussed above,119 this doctrine is today
applicable not only under before the ECtHR, and toward sanctions imposed at
national level, but also to penalties imposed by European institutions, bodies and
agencies, even in lack of any formal accession of the Union to the Convention
(although until then, the CJEU remains the only court with jurisdiction on the
matter).
Examining the penalties contained in CRD IV/V120 as well as the SSM supervi-
sory and sanctioning powers121 in light of the second (nature of the offence) and the
third (severity of the penalty) Engel criteria, several hints emerge which lead to
conclude that, besides for their formal classifications, some of the sanctions impos-
able in this supervisory legal framework de facto possess a criminal nature.122
In this sense, it is worth reminding that the Court in Strasbourg and the Court of
Justice do not distinguish between natural and legal persons in the application of the
Engel doctrine, and, especially for Strasbourg, several are the cases in which fair
trial rights deriving from a substantial approach to the definition of criminal matter
have already been recognized to legal persons.123
Under the first Engel criterion, SSM and CRD IV/V supervisory sanctions seem
to well fit in the parameters, previously described, developed by the ECtHR to
describe a substantially criminal “nature of the offence”.124
First, CRR and CRD IV/V request all banks in the EU to adopt certain prudential
conducts in the management of their activities; breaches of such standards may then
transpose the sanctioning provisions of CRD IV through criminal law provisions, as allowed by the
Directive.
118
As already analysed in Sect. 2.3. On the impact and relevance of the Engel case-law in banking
matters, see D’Ambrosio (2016), p. 1031 et seq. In general terms, see Trechsel (2005), pp. 14–30;
Ubertis (2009), p. 25 et seq.; van Dijk (2006), pp. 543–554; Lupária (2017), p. 940.
119
Hüls AG, Case C-199/92, § 150; Spector, Case C-45/08, § 42; Bonda, Case C-489/10, §§ 36;
Fransson, Case C-617/10, §§ 35-37, as analysed in Sect. 2.3.
120
As described in Sect. 4.3.
121
As described in Sects. 4.4.1 and 4.4.2.
122
On the general classification of supervisory sanctions in light of the Engel case-law, see De
Moor Van Vugt (2012), p. 5; D’Ambrosio (2013), p. 9.
123
Cf. for the CJEU, Spector, Case C-45/08, § 42; for the ECtHR see, e.g., Société Stenuit v.
France, 27.02.1992, Application no. 11598/85, § 7, with regard to the Commission report of
30.05.1991; Menarini Diagnostics S.r.l., § 44; Lilly France S.A. v. France; Didier v. France (dec.),
27.08.2002, Application no. 58188/00; Dubus SA, § 36. See also Jones and Sufrin (2016), p. 895;
Andreangeli (2008), pp. 17–18. For more on locus standi of legal persons under the Convention
see Zwaak (2006), pp. 52–55 and with regard to the application of the Engel criteria, p. 552. See
also Slater et al. (2008), p. 18. Analysing the privilege against self-incrimination for legal persons,
Sect. 6.3.5.
124
Cf. Sect. 2.3.
be sanctioned by Member States or, within its competence, by the ECB, applying
the national transpositions of CRD IV/V.
Second, such supervisory sanctions are undoubtedly also the result of supervi-
sory IV/V proceedings “instituted by a public body with statutory powers of
enforcement”, and in particular as established by CRD IV/V or in the SSM
Regulation.125
Moreover, in the wording of the Court, these provisions enjoy a “generally bind-
ing character” within their field of application,126 and prescribe “conduct of a certain
kind” which seek “to punish as well as to deter”, making “the resultant requirement
subject to a sanction that is punitive”.127 Lastly, the imposition of any sanction by
the SSM is “dependent upon a finding of guilt”, another clue identified by the
ECtHR as symptom of the substantive criminal nature of a provision.128
Against this background, substantial criminal nature may hence be recognized to
the sanctions provided for by Article 18(1) and, indirectly, by Article 18(5) SSM R,
which clearly state that penalties may be imposed upon credit institutions which
“intentionally or negligently, breach a requirement”.129
A similar deduction may be drawn also for the sanctions consisting in the publi-
cation of the penalties imposed, provided for by Articles 18(6) SSM R and 68 CRD
IV/V, as well as to the other “naming and shaming” provisions of Articles 66(2)(a),
1a, Regulation 2532/98, and 67(2)(a) CRD IV/V.130 In all these cases, in fact, the
negative reputational effects pursued by the sanctions appear to serve punitive and
deterrent, rather than restorative aims,131 which extend its effects (reputational, but
also financial) directly towards the offender and indirectly towards other credit insti-
tutions, influencing their future behaviours.
This conclusion is further supported by those who highlighted how the publica-
tion is inextricably linked with the administrative fine imposed, of which it repre-
sents a mere “corollary”.132 Following this interpretation, at least in those cases
where the administrative fine is recognized substantial criminal nature, the same
should apply also for its publication.133
125
Benham v. the United Kingdom, § 56.
126
Bendenoun v. France, § 47.
127
Öztürk v Germany, § 53; Grande Stevens, § 96.
128
Cf. Sect. 2.3.
129
Cf. Sect. 4.4.2.
130
Consisting of “a public statement which identifies the natural person, institution, financial hold-
ing company or mixed financial holding company responsible and the nature of the breach”, cf.
also above, Sects. 4.3 and 4.4.2.
131
Cf. D’Ambrosio (2013), p. 25.
132
In this sense, Opinion of Advocate General Mengozzi in Case C-203/12, Billerud Karlsborg AB,
Billerud Skärblacka AB v. Naturvårdsverket, delivered on 16.05.2013, ECLI:EU:C:2013:320, § 31.
133
Cf. Id., Opinion in Case C-407/14, María Auxiliadora Arjona Camacho v. Securitas Seguridad
España, SA, delivered on 3.09. 2015, ECLI:EU:C:2015:534, note 40, which includes “naming and
shaming” provisions among the “range of penalties” available to Member States; at academic
level, see, e.g., Doorenbos (2007), p. 88, referring to ECtHR decisions: O. v. Norway, 11.02.2003,
Application no. 29327/95; Ringvold V. Norway, 11.02.2003, Application no. 34964/97; Hammern
Even more evident hints that some supervisory sanctions present a substantial
punitive nature raise in the application of the third Engel criterion, concerning the
severity of the penalty that the person concerned risks incurring. In this sense, refer-
ence shall be made to the amounts and potential impact of supervisory penalties
upon the budget of supervised entities,134 alone or in combination with other disci-
plinary (or, as called in the SSM Regulations, “supervisory”) sanctioning powers.
In Öztürk v. Germany, in fact, the ECtHR clearly stated that the criminal nature
of a sanction is not automatically excluded by the fact that an offence is not punish-
able by imprisonment,135 and indeed both the ECtHR and the CJEU have repeatedly
recognized criminal nature to pecuniary administrative sanctions imposed by
administrative authorities with jurisdiction in tax law,136 as well as in economic and
financial law, such as the Italian regulatory authority for market and competition137;
and, in France, the sanctions committee of the financial market supervisory
authorities138; the Competition Commission139; the Financial Markets Board,140 and
the Disciplinary Offences (Budget and Finance) Court.141
In some cases, the assessment of the Court in Strasbourg referred to sanctioning
proceedings especially comparable to the one carried out by the SSM.
That is, for instance, what happened in the case of the then existing French
Commission bancaire in Dubus S.A. v France.142 According to former Articles L.
v. Norway, 11.02.2003, Application no. 30287/96; Pfaeltzer (2014), pp. 144–145, according to
which “After all, in its decision to impose an administrative fine, the supervisor indicates that the
sanction will be published. This indication implies that the decision to publish has been made
together with the decision to impose the fine. As a result, the administrative fine and its publication
each have a punitive character”.
134
On the possibility of considering the sanction pénale depending on the “nature, as significant or
less significant, of the bank concerned”, see D’Ambrosio (2013), p. 27; on the same line, in general
terms, Trechsel (2005), p. 24, but see also p. 26. For a more detailed analysis of the third Engel
criterion, see above, Sect. 2.3.
135
Öztürk v. Germany, § 53; Nicoleta Gheorghe v. Romania, § 26, according to which “la requérante
n’encourait plus une peine d’emprisonnement à l’époque des faits. Cela n’est toutefois pas déter-
minant en soi aux fins de l’applicabilité du volet pénal de l’article 6 de la Convention car, comme
la Cour l’a souligné à maintes reprises, la faiblesse relative de l’enjeu ne saurait ôter à une infrac-
tion son caractère pénal intrinsèque”.
136
Cf., recently, for the ECtHR, A and B v. Norway, and Jóhannesson and others v Iceland; for the
ECJ see e.g. Fransson, Case C-617/10, §§ 35-37; Bonda, Case C-489/10, §§ 36-46.
137
Menarini Diagnostics S.r.l., § 44.
138
Messier v. France (dec.), 19.05.2009, Application no. 25041/07, § 35.
139
Lilly France S.A. v. France.
140
Didier v. France.
141
Guisset v. France, 26.09.2000, Application no. 33933/96, §59. For a more detailed recollection
of cases on the matter, see, e.g., Trechsel (2005), pp. 23–24; van Dijk (2006), pp. 548–554.
142
Since 2010 joined with the Autorité de contrôle des assurances et des mutuelles, the Comité des
établissements de crédit et des entreprises d’investissement, and the Comité des entreprises
d’assurances in the new Autorité de contrôle prudentiel et de résolution (ACPR), cf. Ordonnance
n° 2010-76 du 21.01.2010 portant fusion des autorités d’agrément et de contrôle de la banque et de
l’assurance, NOR: ECEX0929065R, Version consolidée au 04 juillet 2017.
613-3 and L. 613-21 of the Code monétaire et financier, the Commission, an admin-
istrative authority performing supervisory tasks and directly related with the French
national central bank,143 was entitled to impose upon its controlled entities disciplin-
ary sanctions144 and/or pecuniary penalties amounting up to the minimum capital
required of the legal entity. The substantive nature of these powers was recognized
as a coloration pénale by the ECtHR (in line with what previously already acknowl-
edged by the French Conseil d’Etat145), taking into account the notable financial
consequences of the applicable sanctions (“De telles sanctions entraînent des con-
séquences financières importantes, et partant, peuvent être qualifiées de sanctions
pénales”146).
Similar conclusions were drawn in the 2014 decision Grande Stevens and others
v Italy concerning the Italian authority for securities supervision (CONSOB).147
Also in this case, the Court adopted a reasoning which seems to fit rather well also
to the case of banking supervision.
First, the Court recognized that the general interests pursued by CONSOB—pro-
tecting investors and ensuring the effectiveness, transparency and development of
the stock markets—are usually protected by criminal law. The Court also noticed
that the fines had both deterrent and punitive purposes, and that they were imposed
“on the basis of the gravity of the impugned conduct, and not of the harm caused to
investors”.148
The ECtHR then examined the nature and severity of the penalty which was
“likely to be imposed” on the applicants, taking into account that CONSOB sanc-
tioning powers ranged from disciplinary measures—such as temporary loss of their
honour for the representatives of the companies involved; temporary prohibition
from administering, managing or supervising listed companies; prohibition from
engaging the services of the offender; and temporary ban of the individual’s right to
carry out his or her professional activity—to pecuniary fines—which “could go up
to EUR 5,000,000 […], and this ordinary maximum amount could, in certain cir-
143
Cf. former Article L. 613-3 “La Commission bancaire comprend le gouverneur de la Banque de
France ou son représentant, président, le directeur du Trésor ou son représentant le président de
l’Autorité de contrôle des assurances et des mutuelles ou son représentant et quatre membres ou
leurs suppléants nommés par arrêté du ministre chargé de l’économie pour une durée de cinq ans
dont le mandat est renouvelable une fois: 1. Un conseiller d’Etat proposé par le vice-président du
Conseil d’Etat; 2. Un conseiller à la Cour de cassation proposé par le premier président de la Cour
de cassation; 3. Deux membres choisis en raison de leur compétence en matière bancaire et finan-
cière (…)”.
144
Such as “1. L’avertissement; 2. Le blâme; 3. L’interdiction d’effectuer certaines opérations et
toutes autres limitations dans l’exercice de l’activité; (…) 6. La radiation (…) de l’entreprise
d’investissement de la liste des (…) entreprises d’investissement [agréées] (…). Il en va de même
s’il n’a pas été déféré à l’injonction prévue à l’article L. 613-16”, cf. former Article L. 613-21.
145
CE, 29.11.1999, no 194721, Société Rivoli Exchange.
146
Dubus S.A. v France, §§ 36-38: “La Cour est d’avis que la Commission bancaire, lorsqu’elle a
infligé à la requérante la sanction du blâme, devait être regardée comme un “tribunal” au sens de
l’article 6 § 1 de la Convention”.
147
On the issues, see D’Ambrosio (2017), pp. 1031–1036. Cf. also above, Sect. 2.3.2.
148
Grande Stevens, § 96, and the cases there mentioned.
cumstances, be tripled or fixed at ten times the proceeds or profit obtained through
the unlawful conduct”.149
Against this background, the Court considered such penalties of undeniable
severity and significant financial implications, capable of compromising the integ-
rity of the persons concerned, and therefore, criminal in nature.150 This case-law was
then confirmed by the CJEU in the three 2018 aforementioned decisions, both with
regard to the tax matter (Menci) and to the very same CONSOB (Garlsson Real
Estate SA, Di Puma-Zecca).151
In light of such case-law, a substantial criminal nature to banking supervisory
sanctions may therefore be recognized to Article 18(1) and to the fines imposable
under Article 18(7) SSM R,152 where they confer the Single Supervisory Mechanism
the power to impose administrative pecuniary penalties of up to twice the amount of
the profits gained or losses avoided because of the breach where those can be deter-
mined, or up to 10% of the total annual turnover of a legal person in the preceding
business year. This conclusion holds true also taking into account that the concrete
fines imposed by the ECB might be lower than the maximum amount provided for
by the Regulation. Indeed, according to the ECtHR case-law, the severity of the
penalty that shall be considered purposes of the Engel test refers to the “maximum
penalties which could have been imposed” in abstracto, that is the “degree of sever-
ity of the penalty that the person concerned risks incurring”, and the importance of
the interests at stake in the proceeding.153
Similar conclusion might be also drawn for Article 66(2), let. c), d) and e), and
Article 67(2), let. e), f) and g) CRD IV/V, according to which breaches may be
sanctioned by penalties of up to 10% of the total annual net turnover (for legal per-
sons) or up to EUR 5.000.000 (for natural persons), or of up to twice the amount of
the benefit derived from the breach where that benefit can be determined (in both
cases).
In these situations, however, the substantial criminal nature of such provisions
needs to be examined also in light of the transposition of CRD IV. While no issue
arises in case they are transposed with criminal law provisions, a case-by-case anal-
ysis (which goes beyond the remit of this work) at the national level may be required
where they have been implemented as administrative sanctions. 154
149
Grande Stevens, § 97.
150
Grande Stevens, §§ 98-99.
151
Menci, Case C-524/15; Garlsson Real Estate SA, Case C-537/16; and Joined cases Di Puma
(C-596/16) and Zecca (C-597/16), previously analysed in Sects. 2.3 and 2.3.3.
152
Whose classification as substantially criminal has been so far accepted also at academic level,
cf. Allegrezza and Rodopoulos (2017), p. 245; D’Ambrosio (2017), p. 1031 et seq.; D’Ambrosio
(2013), p. 26 et seq.
153
Cf., e.g., Campbell and Fell v the United Kingdom, § 72; Demicoli v Malta, § 34; see also
Trechsel (2005), p. 24; Harris et al. (2014), p. 376 and case-law there mentioned.
154
for a comparative analysis of banking supervisory enforcement systems in 10 of the 19 Eurozone
Member States, see Allegrezza (2019).
Lacking still any specific case-law on the matter, however, the substantive nature
of the measures applicable at the end of supervisory proceedings is not always eas-
ily recognizable. This is especially true when they are different from pecuniary
penalties, and no subjective requirement has been established yet, so that they are
applicable regardless of any evaluation upon the “negligence” or “intention” of the
supervised entity.155
This is, for instance, the case of cease and desist orders (Articles 66(2), let. b)
and 67(2) let. b) CRD IV/V); suspension of the voting rights for the responsible
shareholder(s) (Article 66(2), let. f); the withdrawal of the banking authorisation
(Article 67(2) let. c); and the temporary ban from exercising functions in institu-
tions against a member of the institution’s management body or any other natural
person, who is held responsible (Article 67(2), let. d).156
An even more careful approach shall be adopted in examining the supervisory
measures provided for by Article 16 SSM R, which, at least in the intention of the
European legislator, do not have a punitive but rather a preventative purpose.157 In
all these cases, in fact, the possibility to recognize a substantive criminal nature
applying only just one of the three Engel criteria, channels the assessment espe-
cially towards the third Engel criterion, whose boundaries are however not always
easily foreseeable.
In this sense, it is worth recalling that the Engel criteria have not been applied by
the ECtHR only with regard to penalties such as detention or fines, but also to other
kind of measures, such as community services or, more relevant to the ECB legal
framework, the withdrawal of rights.158
In these cases, where the assessment over the severity of the penalty appears
much more blurring, the Court based its assessment on parameters that resemble
those used for disciplinary sanctions,159 such as the fact that the disqualifying effects
are limited to a period of time or not, or, similarly to publication penalties, linking
the substantial nature of a sanction to that of the ““principal” penalty to which it
attaches”.160
155
Cf., e.g., Joseph Kaplan v the UK, Report of 17.07.1980, Application no. 7598/76, §§ 168-170,
contra Garyfallou, § 34, as reported by van Dijk (2006), p. 552.
156
As described in Sect. 4.3.
157
Cf. Sect. 4.4.1. Cf. however, Allegrezza and Voordeckers (2015), p. 155, according to “The
wording of Art. 16(1) SSMR already suggests that these measures are not of a punitive, but rather
of a preventive nature, since the purpose is to intervene at an early stage, to avoid that there will be
a breach in the near future, or to ensure a sound management and risk coverage”.
158
Mostly with regard to driving licence, see, e.g., Pierre-Bloch v. France, 21.10.1997,
120/1996/732/938, §§ 55-57; Malige v France, 23.09.1998, 68/1997/852/1059, § 39. Cf. Trechsel
(2005), pp. 25–26; van Dijk (2006), p. 553.
159
On the assessment of the Court over disciplinary charges, see, e.g., Trechsel (2005), pp. 20–21;
Harris et al. (2014), p. 345.
160
Pierre-Bloch v. France, § 56; Escoubet v Belgium, 28.10.1999, Application no. 26780/95, § 37.
In light of this jurisprudence, and especially taking into account the notable con-
sequences that such measures cause upon both direct addressees and third parties
(e.g. shareholders, customers, employees), it could be argued that only the most
severe supervisory measures, that is the suspension of the voting rights of the
shareholder(s) held responsible for the breaches, and the withdrawal of the banking
authorization, respectively provided for by Article 66(2), let. (f) and Article 67(2)
let. (c) CRD IV/V (again, net of national transposition), may be considered punitive
in their content.161
Similar conclusions may be reached also with regard to the supervisory powers
under Articles 14(5) and 16(2) SSM R, characterized by a particularly serious puni-
tive content, since, as it has been highlighted, Article 6 ECHR should cover also
“restrictions of economic or professional freedom of a punitive character”.162
The reference hence goes to the power to withdraw a banking licence (Article
14(5) SSM R), for which the reasoning illustrated above should apply “broader”
“sanction package” whereby, at the end of the sanctioning process, the addressee is
not only fined but also declared ceased from office because of the loss of the fit and
proper qualifications “something that, once characterized as a criminal sanction”.163
Similar considerations could be drawn for the power to remove “at any time mem-
bers from the management body of credit institutions who do not fulfil the require-
ments set out in the acts referred to in the first subparagraph of Article 4(3)” (Article
16(2) let. m) SSM R).
In the other cases, instead—such as the opposition to qualified holding acquisi-
tions (Article 15 SSM R), the prohibition of distributions to shareholders, members
or holders of Additional Tier 1 instruments (Article 16(2), let. i, SSM R); or the
request to divest activities that pose excessive risks to the soundness of the institu-
tion (let. e) —the severity of the measure seems to depend more on the concrete
circumstances in which it is applied, than on a potential assessment in abstracto. A
criminal nature in these cases should therefore be excluded, unless proven differ-
ently in a case-by-case approach.
Lastly, purely administrative should also be considered the so-called periodic
penalty payment or “enforcement measures” provided for by Article 2 Regulation
2532/98, as recalled by Article 18(7) SSM R, which allows the ECB to impose peri-
odic penalty payments that amount up to 5% of the average daily turnover per day
of infringement.164 These measures neither present a particularly relevant degree of
severity, at least in principle,165 nor possess a punitive purpose, since they pursue a
161
In the same sense, also D’Ambrosio (2013), pp. 25–26.
162
Cf. van Dijk (2006), p. 556.
163
Cf. Lamandini et al (2015), p. 97, noting however also how “the prospect that a single set of
measures can receive different treatments, and be subject to different guarantees, depending on the
use of it that is intended used by administrative authorities (and whether it is possible to prove such
intention) is a bit disquieting”.
164
Cf. Article 4(a), Council Regulation (EU) 2015/159; see Sect. 4.4.2. On this point see also
Looseveld (2013b), pp. 423–425.
165
Cf. D’Ambrosio (2013), p. 27 according to whom the severity of those measures shall be mea-
sured in proportion to the financial capacity of the credit institution, in particular considering
whether it has been classified as significant or less significant. See also Riso (2014), pp. 32–35.
restorative goal, that is to force a supervised entity that is obstructing an ECB deci-
sion to comply with the latter.166
Naturally, these conclusions over the criminal nature of some supervisory sanc-
tions and measures need to be put in the perspective of the working method applied
by the Court in Strasbourg, that proceeds with a case-by-case approach, without
formulating general principles regardless of the context.
Officially, therefore, such supervisory sanctions and measures cannot be labelled
as substantially criminal until a judicial decision will affirm so in a specific case; a
decision which—until the EU does not access to the ECHR—could only come from
the Court of Justice. De facto, however, the arguments illustrated above show that,
at least as long as the Engel criteria will subsist, and continued to be applied by the
CJEU,167 a relevant part of the sanctioning powers in the field of banking supervi-
sion presents all the requirements to be considered a coloration pénale.
The recognition of a criminal nature to the penalties mentioned above has funda-
mental practical and theoretical consequences: It introduces also in an administra-
tive proceeding the need to comply with fair trial guarantees provided for by Article
6 ECHR, and with the prohibition of bis in idem established by Article 4, Protocol
No. 7 to the Convention.168
This obligation binds both the ECB and the NCAs in all proceedings which may
lead to the application of punitive sanctions. However due to the different supervi-
sory powers enforced from country to country, and the potentially highly varying
transposition of CRD IV at national level, the analysis on domestic supervisory
models of each Eurozone Member States falls out of the scope of the present
work.169
The latter focuses instead on the compliance of the SSM investigating and adju-
dicating model with the procedural rights required for the criminal matter by the
Convention, as well as with their correspondents in the EU Charter of Fundamental
Rights,170 and, where relevant, with the rules contained in the Directives safeguard-
ing the defendant’s procedural rights in criminal proceedings.171 To this aim, it is
worth reminding that most of the rights contained in the Charter have been shaped
on the basis of the Convention, a link that is further enhanced by the equivalence
clause of Article 6 TEU and Article 52(3) CFREU according to which “In so far as
this Charter contains rights which correspond to rights guaranteed by the Convention
166
Recently, on the non-punitive nature of pecuniary penalty payments (in environmental protec-
tion law), see Order of the Vice-President of the Court of 27.07.2017, in European Commission v
Republic of Poland, Case C-441/17 R, ECLI:EU:C:2017:877, § 102.
167
In this sense, it is worth to recall the attempt of several Member States, rejected by the Court in
Strasbourg, to reduce the application of Engel criteria to the administrative (tax) matter in relation
to the principle of ne bis in idem, carried out in A and B v. Norway, cf. Sect. 2.3.3.
168
Cf., with regard to the ECB banking supervision, D’Ambrosio (2013), p. 85.
169
For a first comparative analysis in this sense, see Allegrezza (2019).
170
Articles 47-50 CFREU.
171
Cf. especially to Directive 2016/343 on the presumption of innocence, cit.; see below, Sect.
6.3.5.
for the Protection of Human Rights and Fundamental Freedoms, the meaning and
scope of those rights shall be the same as those laid down by the said Convention”.
In the following analysis, therefore, the case-law of the Court of Justice, which
has so far analysed only very few of the critical profiles concerning the activity of
the SSM, none of which (yet) directly dealing with punitive sanctions, will be taken
into account especially to understand whether relevant fundamental rights are inter-
preted in the same way by the two European Courts and, where that is not the case,
to assess potential consequences of this discrepancy.
It is important to clarify that fair trial rights as such are not a prerogative of crimi-
nal proceedings. In Convention, in fact, some of the principles contained in Article
6 ECHR are applicable also to the civil matter, that although does not usually
include administrative proceedings (from which the “necessity” of the Court to
develop the Engel doctrine).
Administrative proceedings are instead directly addressed, in the post-Lisbon
EU legal framework, by Article 41 CFREU, which establishes the right to a good
administration,172 and are affected also by Article 47 CFREU, that explicitly pro-
vides the need to comply with some fair trial rights in all cases in which “rights and
freedoms guaranteed by the law of the Union are violated” Article 47 indeed does
not pose any distinction on the subject matter.173
As affirmed by established case-law of the Court of Justice, procedural rights
listed in Article 47 found therefore application in all proceedings “initiated against
a person which are liable to culminate in a measure adversely affecting that person”,
irrespective of its administrative or criminal nature.174 Evidence of the influence of
these legal bases may be found in the same SSM Regulations, where the need to
comply with “due process” and defence rights in the adoption of supervisory deci-
sions is explicitly stated in Recital (54) and Article 22 SSM R.175
Rights provided for by Articles 41 and 47 CFREU (and by Article 6 ECHR, in its
civil limb interpretation) which are especially relevant for the analysis of the SSM
sanctioning proceedings include: The right to an independent and impartial tribunal;
172
Recognized by the Court of Justice also as one of the general principles of EU law see, e.g.,
Detlef Nölle v Council of the European Union and Commission of the European Communities,
Case T-167/94, 18.09.1995, ECLI:EU:T:1995:169.
173
In light of Article 51 CFREU. For the debate on the Charter scope of application, cf. Sect. 2.3.3.
Cf. also Thomas Pringle v Government of Ireland and Others, Case C-370/12, 27.11.2012,
ECLI:EU:C:2012:756, §§ 178–182, commented by Adams and Parras (2013), pp. 848–865.
174
Cf., e.g., G.J. Dokter, Maatschap Van den Top and W. Boekhout v Minister van Landbouw,
Natuur en Voedselkwaliteit, Case C-28/05, 15.06.2006, ECLI:EU:C:2006:408, § 74. On this issue,
see also De Moor Van Vugt (2012), pp. 40–41, according to which “the adoption of the Charter as
part of the Lisbon Treaty has stimulated the further clarification and specification of safeguards in
administrative sanctioning procedures for both measures (of a reparatory nature) and penalties (of
a punishing nature). The difference in approach” between the two types of sanctions “is gradual,
which makes the reluctance of the CJ to qualify a sanction as criminal even more questionable.
Most procedural safeguards that have been implemented apply to both categories. The penalties
demand a more restrictive approach in the sense that the authorities need to respect the guarantees
that have been set by the ECHR and the Charter, when it comes to a criminal charge”.
175
Requiring that “defence rights of the parties concerned shall be fully respected”, cf. also Article
32(1) SSM FR.
the principle of equality of arms (particularly with regard to the right to be heard,
and the right of access to files); the right to a public hearing; and the right of
assistance.
The right to a reasonable length of the proceedings, the obligation to state rea-
sons, the right to be present at trial, and the right to a legal aid, also fundamental
principles established both in the same articles of the Charter (and sometimes by EU
Directives), and at the Conventional level,176 will not be specifically dealt with in
this work: The first two do not seem to raise specific problems in the context of
banking supervision; and the latter seems to have limited application there, since the
only targets of the SSM sanctioning proceedings are credit institutions.177
The extensive or multi-disciplinary scope of application of Article 41 and 47
CFREU, however, does not imply that these procedural rights (as well as the very
concept of “due process”) always bear the same content regardless of the field of
law where they are applied. Indeed, as it will be illustrated in the following para-
graphs, fair trial rights are interpreted more strictly when they apply to a criminal
(formally or substantially) matter, as in this case they also overlap with the defence
rights provided for by Articles 6 ECHR and 48 CFREU.178 To this end, it is here
shared the opinion of those legal scholars according to which the scope of Article 48
CFREU—concerning the presumption of innocence and the right of defence—like
Article 6 ECHR in its criminal limb shall be given a broad interpretation, including
also administrative punitive proceedings, and not only to criminal proceedings
stricto sensu.179
Also the moment from which the protection of Article 48 CFREU attaches shall
be read in light of the ECtHR case-law. Developing its own autonomous notion of
criminal “charge”, the Court established that Article 6 attaches from the moment in
176
Cf. Articles 41(1) and 47(2) CFREU, and Article 6(1) ECHR (reasonable length)—for a detailed
analysis of the case-law of the ECtHR on the matter, see Trechsel (2005), p. 134 et seq.; Harris
et al. (2014), pp. 439–446; Sayers (2014), p. 1258 et seq.; Article 296 TFEU, Article 41(2), third
point CFREU, and Article 6(1) ECHR (obligation to state reason)—for a detailed analysis of the
case-law of the ECtHR on the matter, see Trechsel (2005), p. 102 et seq.; Harris et al. (2014),
p. 430; Craig (2014), p. 1084 et seq.; Article 6 ECHR, 48 CFREU and Articles 8 and 9 Directive
2016/343 (right to be present at trial)—for a detailed analysis of the case-law of the ECtHR on the
matter, and a comment on the directive, see, e.g., Trechsel (2005), pp. 252–261; Harris et al.
(2014), p. 410 et seq.; Mosna (2017), p. 969 et seq.; Rafaraci (2007), p. 5 et seq. (especially with
regard to Stefano Melloni v. Ministerio Fiscal, Case C-399/11, 26.02.2013, ECLI:EU:C:2013:107);
Mangiaracina (2010), p. 135 et seq.; Negri (2015), p. 202 et seq.; and Article 47(3) CFREU, Article
6(3)(c) ECHR, and Directive 2016/1919 (legal aid)-for a detailed analysis of the case-law of the
ECtHR see Trechsel (2005), pp. 270–277; Harris et al. (2014), p. 478 et seq.; Sayers (2014),
p. 1315.
177
Which presumably should be able to afford legal expenses of defence. A residual hypothesis
may be that of natural persons indirectly involved in supervisory proceedings (e.g. shareholders),
where in any case Article 47 CRFEU shall apply.
178
See Nehl (2014), p. 1290; Sayers (2014), p. 1309, recalling that breaches of Article 48(2) may
also constitute a breach of Article 47(2) CFREU.
179
See Nehl (2014), p. 1290, and Sayers (2014), p. 1309, recalling that breaches of Article 48(2)
may also constitute a breach of Article 47(2) CFREU.
which the person under investigation is given a notification in this sense, therefore
covering also the pre-trial phase of the proceeding.180 In the analysis of the SSM
investigating and sanctioning powers, however, it shall be reminded that the SSM
regulations do not provide for a clear distinction between “ordinary” supervisory
activities and “investigations!, besides for the intervention of the Investigating Unit.
In this sense, it is often not clear when the more safeguarding rights of punitive
proceedings should attach.181
This interpretation appears justified in light of the equivalence clause linking the
Charter to the ECtHR case-law, and by the explicit adoption of the Engel criteria by
the CJEU in its previous case-law.182
The latter is also coherent with the scope of the EU directives on procedural
rights, that cover both accused and defendants,183 and with the jurisprudence of the
Court of Justice, according to which parties enjoy defence rights also before they
are notified a statement of objections.184 In this context, defence rights provided for
by Article 41 CFREU have been reasonably interpreted as a lex specialis of Article
48(2) CFREU, applicable to European administrative proceedings.185
Against this background, the compliance of the SSM sanctioning procedures
with fair trial principles is carried out in light of the (usually) more safeguarding
approach used by the Court in Strasbourg in interpreting such rights. Special atten-
tion, in particular, will be put to that ECtHR case-law introducing the right to a
judicial review before a body with unlimited jurisdiction as a necessary compensa-
tive measure to save the fairness of the proceeding, in case some fair trial rights are
not fully complied with in the administrative punitive matter.186
Other fair trial rights are originally typical of criminal proceedings, and find
application in administrative contexts only if they are recognized as punitive under
180
Cf., e.g., Deweer v. Belgium, 27.02.1980, Application no. 6903/75, §§ 42–46; Eckle v Germany,
15.07.1982, Application no. 8130/78, § 73; McFarlane v Ireland, 10.09.2010, Application no.
31333/06, § 143; Foti and others v Italy, 10.12.1982, Applications nos. 7604/76, 7719/76, 7781/77
and 7913/77, § 52; Imbrioscia v. Switzerland, 24.11.1993, Application no. 13972/88, § 36; Dvorski
v Croatia, 20.10.2015, Application no. 25703/11, § 76. See Allegrezza (2017), p. 948; Nehl (2014),
pp. 1282–1283.
181
Cf. above Sect. 4.4.3 and, if you wish, Lasagni (2019).
182
See above, Sect. 6.2; Regardless of what affirmed more recently by the CJEU in decision
WebMindLicenses Case C-419/14, § 83. On this line see, e.g., Allegrezza (2017), p. 947; Manes
(2012); D’Ambrosio (2013), p. 19 et seq.; Sayers (2014), p. 1306.
183
Although the directives do not identify always the same moment from which their rights attach,
see Allegrezza (2017), p. 949; on the definition of the notion of suspect, see, e.g., Quattrocolo
(2015), p. 85 et seq.; Flore (2014), p. 389 et seq.
184
Cf. CEF City Electrical Factors BV and CEF Holdings Ltd v. Nederlandse Federatieve
Vereniging, Case C-105/04 P, 21.09.2006, ECLI:EU:C:2006:592, § 50. The issue has been anal-
ysed by Covolo (2015), p. 435 et seq.; Nehl (2014), pp. 1282–1283.
185
Cf. Nehl (2014), p. 1290 et seq.
186
Cf. below, Sect. 6.3.3. The reference here goes to the right to an independent and impartial tri-
bunal (cf. below Sects. 6.3 and 6.3.1), the principle of equality of arms (cf. below Sect. 6.3.2), and
the right to a public hearing (cf. below Sect. 6.3.4).
the Engel doctrine; their implementation in this field, hence, requires special con-
sideration, and needs to be carefully assessed.
This is the case, in particular, of the privilege against self-incrimination, pro-
vided for by Article 6(1) ECHR in its criminal limb interpretation, and by Article
48(1) CFREU, (which results especially problematic in its application outside the
criminal matter stricto sensu187); and of the protection from double jeopardy.188
On the other side, the right to translation and interpretation, although explicitly
required for criminal proceedings under Article 6 ECHR and by Directive 2010/64/
EU will not be examined in this research, since all ECB proceedings, as those of EU
institutions, shall be carried out in any of the EU official languages.189
The right to information, also provided for as a separate right by Article 6 ECHR,
but which is a right “preparatory” for the exercise of other defence rights,190 for the
purpose of this work is dealt with together with the principle of equality of arms, as
in banking supervisory proceedings, its relevance is absorbed in the scope of the
rights to be heard, and of access to files.191
Lastly, it shall be reminded that the analysis of fair trial rights in the context of
the SSM sanctioning procedures requires sometimes a special calibration, since—as
already mentioned—the ECB is entitled to impose sanctions only upon legal enti-
ties.192 Indeed, despite the application of the Engel doctrine also to proceedings
involving legal persons, rights recognized to these subjects (and especially, the priv-
ilege against self-incrimination) are not completely equalized to those of natural
persons, especially in the Union legal framework.193
In assessing the compliance of the SSM procedural rights with fair trial princi-
ples, therefore, this asymmetry shall also be taken into account.
187
The issue is examined below, in Sect. 6.3.5.
188
The issue is examined below, Sect. 6.3.7.
189
Cf. Articles 23-24 SSM FR, according to which “The ECB and NCAs shall adopt arrangements
for their communications within the SSM, including the language(s) to be used”, and that “Any
document which a supervised entity or any other legal or natural person individually subject to
ECB supervisory procedures sends to the ECB may be drafted in any one of the official languages
of the Union, chosen by the supervised entity or person”. On the critical issues deriving from lan-
guage rights in the EU legal framework regardless of Directive 2010/64/EU of 20.10.2010 on the
right to interpretation and translation in criminal proceedings, see, e.g., Vogler (2015), p. 95;
Sayers (2014), p. 1325 et seq.; Gialuz (2014), p. 84 et seq.
190
Cf. Mosna (2017), p. 958; Sayers (2014), p. 1329 et seq.
191
Also the protection against entrapment, provided for by Article 6(1) ECHR, will not be dealt
with in this work, as it does not appear relevant in SSM sanctioning procedures. On the topic see,
e.g., Trechsel (2005), p. 111; Harris et al. (2014), pp. 427–428.
192
Cf. Sect. 4.4.2.
193
The issue, especially critical with regard to the privilege against self-incrimination, is analysed
below, in Sects. 6.3.5 and 6.3.6, and with regard to privacy protection, in Sect. 8.2.2.
6.3 Fair Trial Guarantees and Banking Supervision: The Right to an Independent… 197
6.3 F
air Trial Guarantees and Banking Supervision:
The Right to an Independent Tribunal
A major issue concerning the compliance of the SSM sanctioning proceedings with
Article 6 ECHR, and Article 47 CFREU is whether the supervisor’s structure, and
in particular its decision-making body, possess the requirements to be defined an
“independent and impartial tribunal established by law”.
The first step in this assessment is to determine when a decision-making body
can be named a “tribunal”194; a point upon which, as repeatedly underlined by legal
scholars, both European Courts have not developed a homogeneous and compre-
hensive definition yet.195
The ECtHR, on its side, considers as a primary criterion the acknowledgement of
a “judicial function” to the adjudicating authority, defined as the capability of
“determining matters within its competence on the basis of rules of law and after
proceedings conducted in a prescribed manner”,196 and the “power to give a binding
decision which may not be altered by a non-judicial authority”.197
Putting the attention on “teleological” parameters, rather than on structural fea-
tures typical of judicial bodies, such as internal independence, the Court in
Strasbourg therefore interprets rather extensively the concept of “tribunal”, It fol-
lows that, under certain circumstances, also administrative bodies may fall under
this definition. As renowed, in fact, this broad interpretation was developed by the
ECtHR to extend—when the sanctions imposable present a substantive punitive
nature—the fundamental safeguards of the criminal matter also to proceedings car-
ried out by administrative authorities, which usually provide for far lower standards
of protection to the parties involved. This jurisprudence certainly brought to an
194
Cf. Consolo (2017), p. 895 (civil matter), and Caianiello (2017), pp. 910–911 (criminal matter);
Panzavolta (2013), pp. 145–146; Trechsel (2005), p. 47 et seq.; Pech (2014), p. 1250 et seq.; Harris
et al. (2014), p. 446 et seq.; Viering (2006), pp. 612–613; Balsamo (2015), pp. 119–121.
195
Cf. Caianiello (2017), p. 47; according to Trechsel (2005), pp. 47–48, “It is thus quite obvious
that the “definition” is to some extent superfluous in that properties which, according to the text of
Article 6 § 1 are attached to the term, are here referred to as elements of its definition. The essential
point is that the Court does not give much importance to the label which is attached to the institu-
tions that function as a court”, on the same line, also Pech (2014), p. 1252. In any case, the features
of “impartiality”, “independence”, and “established by law” are rather overlapping, and “can
hardly be distinguished in a clear way”, Trechsel (2005), p. 49; Viering (2006), p. 612. According
to the Court in Findlay v the United Kingdom, 25.02.1997, Application no. 22107/93, § 73, “The
concepts of independence and objective impartiality are closely linked and the Court will consider
them together as they relate to the present case”.
196
Belilos v Switzerland, 29.04.1988, Application no. 10328/83, § 64, recognizing judicial func-
tions to a Swiss Police Board; see also H v Belgium, 30.11.1987, Application no. 8950/80, p. 34, §
50.
197
Findlay v the United Kingdom, § 77; Van de Hurk v. the Netherlands, 19.04.1994, Application
no. 16034/90, § 45.
improvement for the position of the subjects of punitive administrative investiga-

tions, it may also be criticized for several reasons.198
First, such jurisprudential notion of tribunal lacks of foreseeability and thus of
legal certainty, inasmuch as the assessment on the substantial nature of sanctions
and therefore over the possibility to consider an administrative authority a tribunal
under Article 6 is made on a case by case basis. The consistency of the case-law may
of course provide for some hints of predictability as to whether a certain system
may be considered so, but no legal certainty can be reached before a specific deci-
sion is issued.199
Moreover, this jurisprudence seems somehow to undermine at its basis the very
notion of “tribunal” in its more traditional, and “constitutional” interpretation.
Tribunals, indeed, are undoubtedly characterized, even more than by their function,
by their independence both from external powers, and from internal pressures.
The parameter of “external” independence has been taken in due account by the
case-law of the ECtHR, which repeatedly affirmed that, mostly in cases concerning
administrative or disciplinary tribunals, imposing punitive sanctions, the fact that
the decision-making body exercises “judicial functions” does not suffice to make it
a proper tribunal under Article 6 ECHR.200 To do so, these bodies shall indeed fulfil
a series of further requirements concerning the principles of independence and
impartiality, which represent the basis on which fair trial guarantees can be built
upon.
Specifically, a “tribunal” shall be considered independent from the legislator,201
the executive and other third parties, if guarantees exist “against outside pressures”,
with specific regard to the “duration of its members’ term of office”, and the “man-
ner of appointment of its members”.202
While the ECtHR appears to have adopted a rather self-restrictive approach in
questioning the independence of bodies already defined as tribunal at the national
level,203 the Court generally leaves a much lower margin of appreciation to States
when it comes to examine, administrative a uthorities with substantially criminal
sanctioning powers.
The ECtHR, on the contrary, has not taken yet an explicit stand on which stan-
dards shall define the internal independence of a tribunal. The reason for that appears
198
Cf. Caianiello (2017), pp. 910–11, persuaded of the prevalence of the negative impact of this
case-law.
199
In this sense, see also Vervaele (2017), p. 169.
200
Le Compte, Van Leuven and De Meyere v. Belgium, 23.06.1981, Application nos. 6878/75;
7238/75, § 55, and the case-law there mentioned. See also Harris et al. (2014), p. 447.
201
Cf., e.g., Crociani and others v Italy, 18.12.1980, Applications nos. 8603/79, 8722/79, 8723/79,
and 8729/79, p. 180 et seq.; Demicoli v Malta, cit., § 40 et seq. For more details on the indepen-
dence from the legislator, see Trechsel (2005), p. 53 et seq.
202
Cf., e.g., Le Compte, § 55; Belilos, § 64; Campbell and Fell v UK, § 78; Kleyn and Others v The
Netherlands, 6.05.2003, nos. 39343/98, 39651/98, 43147/98 and 46664/99, § 190; Coëme and
Others v Belgium, 22.06.2000, Applications nos. 32492/96, 32547/96, 32548/96, 33209/96 and
33210/96, § 99; Richert v Poland, 25.10.2011, Application no. 54809/07, § 43. See also Harris
et al. (2014), p. 448 et seq.
203
For case-law referred to stricto sensu judicial systems, see Trechsel (2005), pp. 54–55.
rather evident: Indeed, extending also to administrative bodies the application of

characteristics such as irremovability of members, limited internal hierarchical con-
trols, and existence of an autonomous system of disciplinary liability and ascertain-
ment, would, de facto, require a complete assimilation of these bodies to judicial
authorities.
The Court of Justice, on the other side, has developed its own set of criteria to
define the notion of “tribunal”, which only partially overlap with those indicated by
the ECtHR, at least in their practical application. Already in decisions preceding the
entry into force of the Charter, the CJEU adopted a substantive and autonomous
approach to the matter, that disregarded domestic classification and was based
exclusively on Community law.204
In Vaassen-Göbbels (1966), for instance, the Court recognized as “tribunal” the
Dutch Arbitration authority for the Fund for non-manual workers employed in the
mining industry, based on the fact that it was a “permanent body charged with the
settlement of the disputes defined in general terms’ and “bound by rules of adver-
sary procedure similar to those used by the ordinary courts of law”.205
Subsequently in Dorsch (1997), the CJEU better clarified the list of minimum
elements necessary to define a body as “tribunal”, requiring it to be: (i) Permanent;
(ii) established by law; (iii) independent; (iv) granted with compulsory jurisdiction
and (v) inter partes procedures; and (vi) applying rules of law.206 Independence (iii),
in particular, has been recognized by the Court as a key factor to distinguish
“between national courts and administrative authorities”.207 In its 2006 decision
Wilson, and in the following case-law, the CJEU affirmed that the concept of inde-
pendence, strictly linked to that of impartiality,208 is inherent in the task of adjudica-
tion, requiring for instance guarantees to protect the persons taking a decision,
against removal from office.209
204
Pierre Corbiau v Administration des contributions, Case C-24/92, 30.03.1993,
ECLI:EU:C:1993:118, § 15; see also Incal v Turkey, 9.06.1998, 41/1997/825/1031, § 65; François
De Coster v Collège des bourgmestre et échevins de Watermael-Boitsfort, Case C-17/00,
29.11.2001, ECLI:EU:C:2001:651, § 10.
205
G. Vaassen-Göbbels v Management of the Beambtenfonds voor het Mijnbedrijf, Case 61/65,
30.06.1966, ECLI:EU:C:1966:39, p. 273.
206
Dorsch Consult Ingenieurgesellschaft mbH v Bundesbaugesellschaft Berlin mbH, Case C-54/96,
17.09.1997, ECLI:EU:C:1997:413, § 23; for a more recent application of this case-law, cf., e.g.,
Camera di Commercio, Industria, Artigianato e Agricoltura (CCIAA) di Cosenza v Grillo Star Srl,
Case C-443/09, 19.04.2012, ECLI:EU:C:2012:213, § 20, and case-law mentioned there (which,
even if post-Lisbon Treaty, does not refer to Article 47 of the Charter). For an analysis of the
parameters developed by the Court see, e.g., Pech (2014), p. 1253 et seq.
207
Cf. Graham J. Wilson v Ordre des avocats du barreau de Luxembourg, Case C-506/04,
19.09.2006, ECLI:EU:C:2006:587, § 49; Opinion of Advocate General Stix-Hackl, delivered on
11.05.2006, in Wilson, Case C- C-506/04, § 45. See also the Opinion of Advocate General Ruiz-
Jarabo Colomer in Case C-17/00 De Coster, § 17; and Pech (2014), p. 12563 et seq.
208
Cf. Graham J. Wilson v Ordre des avocats du barreau de Luxembourg, Case C-506/04, §§
51-52; Katarina Abrahamsson and Leif Anderson v Elisabet Fogelqvist, Case C-407/98, 6.07.2000,
ECLI:EU:C:2000:367, § 32.
209
Cf., e.g., Katarina Abrahamsson and Leif Anderson v Elisabet Fogelqvist, Case C-407/98, § 36;
In 2007, still before the entry into force of the Lisbon Treaty, the Court explicitly
recognized in a competition law case, that the notion of “tribunal” shall be read in
light of Article 6(1) ECHR, even though, again showing a preferential treatment for
the antitrust matter,210 it avoided to take a clear position concerning the Commission.211
Actually, since its 1980 decision Van Landewyck the Court has always refused to
consider the Commission as a tribunal under the meaning of Article 6 ECHR, with-
out however never fully explaining the legal reasoning behind such interpretation212:
An exceptionalism which, despite the increasing criticism, has been maintained to
date.213
Whether also the Single Supervisory Mechanism may be eligible to receive a
similar treatment by the Court of Justice seems uncertain.
From one side, it is true that the SSM presents analogies with the Commission
acting as an antitrust authority, being both European institutions with investigative
and sanctioning powers towards national and transnational undertakings. On the
other side, however, these institutions significantly differ in the way information is
gathered. The SSM, contrary to the Commission, can in fact rely on huge amounts
of information already gathered in daily supervisory activity, well before the start-
Köllensperger and Atzwanger, Case C-103/97, 4.02.1999, ECLI:EU:C:1999:52, § 21.

210
As already discussed in the application of the Engel criteria, see above Sect. 2.3.
211
Schneider Electric v Commission, Case T-351/03, 11.07.2007, ECLI:EU:T:2007:212, §§
181–184.
212
Cf. Van Landewyck v Commission, Case C-209/78 (Joined Cases C-209/78, C-210/78, C-211/78,
C-212/78, C-213/78, C-214/78, C-215/78, C-218/78), 29.10.1980, ECLI:EU:C:1980:248, § 81;
Musique Diffusion française v Commission, Case C-100/80 (Joined Cases C-100/80, C-101/80,
C-102/80, C-103/80), 7.07.1983, ECLI:EU:C:1983:158, § 7, where the Court, briefly dismissed as
“irrelevant” the arguments of the applicant, concluded that the Commission “cannot be classified
as a tribunal within the meaning of Article 6 of the European Convention for the Protection of
Human Rights”.
213
Cf. Opinion of Advocate General Vesterdorf, Case T-L/89, Rhône-Poulenc v Commission, deliv-
ered on 10.07.1991, II-885; Shell v Commission, § 39; Enso Española v Commission, Case
T-348/94, 14.05.1998, ECLI:EU:T:1998:102, § 56; Cimenteries Cbr and Others v Commission, §
717; HFB and others v Commission, § 377; Dansk Rørindustri v Commission, Case T-21/99,
20.03.2002, ECLI:EU:T:2002:74, §144; Bolloré and others v Commission, Joined Cases T-109/02,
T-118/02, T-122/02, T-125/02, T-126/02, T-128/02, T-129/02, T-132/02 and T-136/02, 26.04.2007,
ECLI:EU:T:2007:115, § 86; Lafarge SA v Commission, Case T-54/03, 8.07.2008,
ECLI:EU:T:2008:255, § 38; Opinion of Advocate General Bot, Joined Cases C-322/07 P, C-327/07
P and C-338/07 P, Papierfabrik August Koehler AG (C-322/07 P), Bolloré SA (C-327/07 P),
Distribuidora Vizcaína de Papeles, SL (C-338/07 P) v Commission, delivered on 2.04.2009, note
51; Opinion of Advocate General Bot, Joined Cases C-201/09 P and C-216/09 P, ArcelorMittal
Luxembourg SA and others v European Commission, ECLI:EU:C:2010:634, delivered on
26.10.2010, § 44; Schindler Holding Ltd and others, Case T-138/07, § 54; Bolloré v European
Commission, §§55-57; Coats Holdings Ltd v European Commission, § 169; Opinion of Advocate
General Kokott, Case C-439/11 P, Ziegler SA v European Commission, delivered on 13.12.2012,
ECLI:EU:C:2012:800, § 140; Schindler Holding Ltd and others, Case C-501/11 P, 18.07.2013,
ECLI:EU:C:2013:522, § 30 (also quoting the ECHR decision Minarini); Saint-Gobain Glass
France SA and others v European Commission, Cases T-56/09 and T-73/09, 27.03.2014,
ECLI:EU:T:2014:160, §§75-79; Crown Equipment and others v Council of the European Union,
Case T-643/11, 12.12.2014, ECLI:EU:T:2014:1076, § 45.
ing of the investigating procedures. Moreover, causes for such an exceptionalism in

competition law seem to rely rather on historical reasons than on structural ones.
Under a pragmatic point of view, in fact, it could be argued that this field of law
still retains a sui generis treatment due to its well-established practice since the
origin of the European Communities and well before the Court of Justice started to
act as a court of fundamental rights. The SSM, on the contrary, has been introduced
in the EU legal framework well afterwards the Lisbon reform, and thus bears much
more expectations to act in compliance with fundamental rights, and the principles
of fair trial expressed by the Charter (directly), and by the Convention (indirectly).214
Against this background, applying the ECtHR and the CJEU case-law (not
referred to the Commission) to the Single Supervisory Mechanism, a “judicial func-
tion” may be recognized to the Governing Council.
The latter, indeed, is the ultimate decision-making body of the European Central
Bank; it is granted with compulsory competence; is established by law as permanent
and independent, and its action is subject to the rule of law.215
A more uncertain position is instead that of the Supervisory Board (SB).
Indeed, the SB is the body which determines the merit of the supervisory opera-
tions, since it drafts (on the basis of the results brought by the Investigating Unit,
when the latter is involved) complete decisions which the Governing Council may
only approve or reject.216 On the other side, though, according to Article 283 TFEU,
and Articles 10 to 12 of the ECB Statute, the Governing Council and the Executive
Board are the only ECB decision-making bodies, since the Treaty was not amended
for the establishment of the Single Supervisory Mechanism.217
Therefore, although the Supervisory Board certainly possesses a “judicial func-
tion” with regard to the merit, it lacks the power to issue legally binding decisions.
In light of the above, the only body which could be recognized as “tribunal” within
the SSM sanctioning procedures is the Governing Council.
214
The process will certainly be accelerated in case the EU will access to the European Convention.
Moreover, as discussed in Sect. 2.3.3, it appears that the CJEU is starting to overrrule part of the
special treatment reserved to competition law, at least with regard to the ne bis in idem.
215
Cf. Article 7, Statute of the European System of Central Banks and of The European Central
Bank: “when exercising the powers and carrying out the tasks and duties conferred upon them by
the Treaties and this Statute, neither the ECB, nor a national central bank, nor any member of their
decision-making bodies shall seek or take instructions from Union institutions, bodies, offices or
agencies, from any government of a Member State or from any other body. The Union institutions,
bodies, offices or agencies and the governments of the Member States undertake to respect this
principle and not to seek to influence the members of the decision-making bodies of the ECB or of
the national central banks in the performance of their tasks”; cf. also Sect. 4.4.
216
217
6.3.1 The Right to an Impartial Tribunal
Tribunals do not only need to be independent; they also have to be impartial, mean-
ing both that they shall be established by law before the commission of the alleged
breach,218 and that they shall be free from any prejudice in carrying out their tasks.219
In order to verify the absence of bias within adjudicating bodies, the ECtHR has
developed a subjective and an objective test, first formulated in the 1982 decision
Piersack v Belgium, and then resumed by the following case-law.220
Under the subjective test, it is necessary to show that the members of the decision-
making body did not act with personal bias against the applicant; personal impar-
tiality shall be presumed until there is proof of the contrary.221 Under the objective
test, it shall be assessed whether there are ascertainable facts which may raise doubts
as to the tribunal’s conduct, which shall not offer any legitimate chance to doubt,
even just in the appearances, of its impartiality.222
To assess whether the tribunal complies with these parameters, a fundamental
criterion considered by the Court—with major implications for non-judicial enti-
ties—concerns the separation between the body in charge for the investigations and
that responsible for the judgement and the imposition of sanctions. This feature
indeed is not frequently found in administrative decision-making bodies.223
218
In this sense, the ECtHR seems to have adopted a more restrictive notion of “law”, where nor-
mally it refers “to any norm of general application” as “the Court does not usually examine whether
it was passed by Parliament or whether it was adopted by the Government or any other body […]
Still, not every detail must be regulated by the law in the formal sense, i.e. Acts of Parliament—
details may be set out in delegated legislation […] However, these texts will have to satisfy the
general requirements of precision and foreseeability”. These elements should include at least: The
whole organizational set-up of the courts, jurisdiction, establishment of individual courts, determi-
nation of local jurisdiction, competence ratione loci and materiae, and the proceeding the tribunal
is to follow, although the case-law of the Court is not clear on the matter, cf. Trechsel (2005),
pp. 50–51, referring to Zand v. Austria, 16.05.1977, Application no. 7360/76, § 80; see also Harris
et al. (2014), p. 458.
219
See, e.g., Jorgic v Germany, 12.07.2007, Application no. 74613/01, § 64; Richert v Poland, § 41.
As underlined by Trechsel, indeed, the notion is therefore defined in negative terms, cf. Trechsel
(2005), p. 61 et seq.
220
Piersack v Belgium, 10.10.1982, Application no. 8692/76, § 30. As underlined, the separation
between these two tests is “quite convincing although the labels are not”, as it is “practically
impossible to determine or not” whether judges have an impartial state of mind, cf. Trechsel
(2005), p. 62; Harris et al. (2014), pp. 450–451.
221
Cf., e.g., Hauschildt v Denmark, 24.05.1989, Application no. 10486/83, §§ 47-48, according to
which “appearances may be of a certain importance”. The Court, however, has revealed itself
reluctant to find deficits of impartiality under the subjective test, as shown in cases Remli v France,
23.04.1996, Application no. 16839/90; Gregory v the UK, 25.02.1997, Application no. 22299/93;
Ferrantelli and Santangelo v Italy, 7.08.1996, Application no. 19874/92; Sander v The UK,
9.05.2000, Application no. 34129/96; cf. also Trechsel (2005), p. 64.
222
Id. § 48; Sramek v Austria, 22.10.1984, Application no. 8790/79, § 42. It is not clear, however,
whether the test should take into account the potential bias as perceivable “in the eyes of a reason-
able person or an “ordinary citizen””, cf. Trechsel (2005), p. 62.
223
Other criteria, less relevant for the analysis at stake, may concern the prior involvement of the
judge in the same case, or to affiliation to one of the parties, for a more detailed recollection of the
case-law on the matter, see e.g. Trechsel (2005), pp. 62–79; Harris et al. (2014), pp. 452–457.
At first glance, this requirement could basically make void any attempt of the
ECtHR to bring some administrative decision-making bodies back under the
umbrella of Article 6. To counterbalance this risk, in its case-law the Court repeat-
edly affirmed that a proceeding, even when the adjudicating body does not possess
the impartiality and independence typical of a judicial authority, may still be consid-
ered in compliance with these requirements if the issued decisions are subject to
subsequent review by a “judicial body that has full jurisdiction”, meaning an author-
ity entitled with the power to quash in all respects, on questions of fact and law, the
decisions of the body below.224
Impartiality is also a fundamental part of the notion of “tribunal” under Article
47(1) CFREU, as interpreted by the Court of Justice.
First examined in De Coster (2001), the CJEU better defined the concept in
Wilson (2006), where impartiality was considered an essential element “to ensure a
level playing field for the parties to the proceedings and their respective interests
with regard to the subject-matter of those proceedings”, which “requires objectivity
and the absence of any interest in the outcome of the proceedings apart from the
strict application of the rule of law”.225
In particular, as it has been underlined, impartiality in the jurisprudence of the
Court represents an “internal component of the broader notion of independence”,226
given its “functional connection between independence and impartiality, the former
being a necessary condition of the latter”.227
The case-law of both European Courts results especially relevant for the SSM,
whose sanctioning system, as most administrative bodies, shows some relevant
weaknesses under the profile of separation of phases between investigation and
adjudication.
Indeed, the SSM Regulations only provide for a few general statements on the
independency of the investigations. Article 123 SSM FR appreciably requires that
the members of the Investigating Unit (IU) “shall not be involved and shall not for
the two years before taking up the position of investigating officer, have been
involved in the direct or indirect supervision or authorisation of the relevant super-
vised entity”.228
224
Cf. Umlauft v Austria, 23.10.1995, Application no. 15527/89, § 37; Öztürk v Germany, § 56;
A. Menarini Diagnostics S.R.L. v Italy, §§ 59-63-67; see also Schmautzer v Austria, 23.10.1995,
Application no 15523/89, §36; Gradinger v Austria, 23.10.1995, Application no 15963/90, §44.
The issue of judicial review is dealt with below in Sect 6.3.3.
225
Graham J. Wilson v Ordre des avocats du barreau de Luxembourg, Case C-506/04, §§ 52–53.
226
Pech (2014), p. 1256; cf. Graham J. Wilson v Ordre des avocats du barreau de Luxembourg,
Case C-506/04, § 52. See also François De Coster v Collège des bourgmestre et échevins de
Watermael-Boitsfort, Case C-17/00, 29.11.2001, ECLI:EU:C:2001:651, §§ 17–22; while the first
ECJ case where impartiality has been mentioned was Katarina Abrahamsson and Leif Anderson v
Elisabet Fogelqvist, Case C-407/98, § 32.
227
Opinion of Advocate General Stix-Hackl, delivered on 11.05.2006, in Case C- C-506/04,
Wilson, § 75.
228
The Regulation further mandates that investigating officers perform their func-
tions “independently of the Supervisory Board and Governing Council and shall not
take part in the deliberations of the Supervisory Board and Governing Council”.229
Things become more critical when considering that the Investigating Units are
not structurally independent, but remain internal investigating bodies, whose offi-
cers are “designated by the ECB”,230 even if the Framework Regulation does not
identify which body of the Central Bank is specifically entrusted with this task.231
Actually, a similar gap could originally be found also with regard to the composi-
tion of the Administrative Board of Review, whose members shall also “be appointed
by the ECB”.232 In this case, however, the lacuna was filled by a subsequent ECB
Decision that assigned that competence to the Governing Council and detailed pow-
ers and procedures applicable to the ABoR.233
While it is of course desirable that such gap will be filled for the Investigating
Unit too, adopting a solution similar to that chosen for the ABoR might bring to
even more critical issues, considering that the Governing Council is the body
entrusted with the final decision power over the adoption of the sanctions for the
breaches investigated by the Unit.
The SSM sanctioning procedure appears also critical if the requirement of sepa-
ration of phases is examined in its dynamic dimension.
Indeed, as previously described, whether any reason to suspect a breach emerges,
the ECB (often the Joint Supervisory Teams—JSTs) refers it to the Investigating
Unit; the Unit undertakes investigations, and, if that is the case, elaborates a draft
proposal for a penalty to be applied before the Supervisory Board. The latter then
passes a complete draft proposal to the Governing Council, which may approve it as
a final decision through the non-objection procedure.234
Interestingly, a comparable structure was examined by the ECtHR in Grande
Stevens. Similarly to the SSM, also the (then into force) decision-making process of
the CONSOB was structured in three phases: Investigation, carried out by an inter-
nal office, which also articulates the accusation; submission of the report containing
the conclusions and the proposed penalties to a Directorate; and issuing of a final
decision (potentially including penalties) by the Commission.235
229
230
231
At the European level, a similar investigating structure may be found with regard to the “inde-
pendent investigating officer” appointed by the European Securities and Markets Authority
(ESMA), cf. Article 64, Regulation (EU) No 648/2012 of 4.07.2012 on OTC derivatives, central
counterparties and trade repositories. The same provisions, still referred to ESMA, may be found
in Article 31 of the recent Proposal for a Regulation of the European Parliament and of the Council
on European Crowdfunding Service Providers (ECSP) for Business, Brussels, 8.3.2018
COM(2018) 113 final.
232
Cf. Article 24 SSM R.
233
Cf. Article 4(1), Decision of the European Central Bank of 14.04.2014 concerning the establish-
ment of the Administrative Board of Review and its Operating Rules (ECB/2014/16); cf. also
above, Sect. 4.4.3.
234
Cf. Sect. 4.4.3.
235
In that case, although the Court recognized the existence of a “certain separation
between the investigative entities and the entity with responsibility for determining
whether an offence had been committed and imposing penalties”,236 the overall pro-
ceeding was not considered in compliance with the Conventional principles. The
Court considered that if the investigation, accusation and decision on the penalties
are exercised by “branches of the same administrative body, acting under the author-
ity and supervision of a single chairman […] this amounts to the consecutive exer-
cise of investigative and judicial functions within one body; in criminal matters such
a combination of functions is not compatible with the requirements of impartiality
set out in Article 6(1) of the Convention”.237
This argument, interestingly, was not raised, nor challenged in the drastic
revirement of the ECtHR case-law concerning the application of ne bis in idem, nor
it was rejected by the recent decisions of the CJEU precisely concerning CONSOB
sanctioning procedures.238
Applying such parameters to the Single Supervisory Mechanism, two main criti-
cal points emerge. First, the breach referral mechanism adopted by the SSM, even
though it made compulsory for the JSTs to refer potential irregularities to the
Investigating Units, did not abolished the discretion of the first in deciding what is
a breach, in order to refer it. A certain dependency of the IU to the non-independent
JSTs (in terms of formal guarantees, both towards the supervised institution(s) and
the rest of the SSM bodies) is therefore accepted in the SSM investigations. (not to
mention the case of pecuniary payments or supervisory measures, where the IU
does not play any role).
JSTs risk also to retain in practice a notable weight during the investigation itself.
In fact, a really independent investigation, which covers also an inquiry on the merit
of the breach, is affordable only if investigating officers are in a sufficient number to
face, and investigate, the presumably huge amount of information that will be
referred to them. Investigating officers, moreover, shall possess not only the neces-
sary legal knowledge (possibly including also criminal law competences, in light of
the Engel case-law), but also specific expertise on the “hard-core financial pruden-
tial requirements” (such as capital and liquidity requirements, while the issue
appears less critical for prudential requirements related to governance).
It is evident, that if this twofold condition is not met, Investigating Units have
practically to rely on the expertise of the JST members for what concerns the merit
of the investigation, that is determining whether a bank breached prudential require-
ments or not.
236
Idem.
237
Idem, §137.
238
On the changes in the jurisprudence of the Court in Strasbourg concerning ne bis in idem after
A and B v Norway, see above Sect. 2.3.2. On the 2018 CJEU decisions on CONSOB (Garlsson
Real Estate SA, Case C-537/16 and Di Puma - Zecca, Joined Cases C-596/16 and C-597/16) still
concerning the double jeopardy clause, see Sect. 2.3.3.
In this sense, statistics do not draw a reassuring picture: According to the ECB
Annual Reports on supervisory activities, in 2016 out of 42 handled sanctioning
proceedings, 34 were still ongoing at the end of the year.239 In the following year, the
34 pending cases were joined by 10 new sanctioning proceedings, of which about
half (24) were still ongoing at the end of 2017.240 In 2018, the ECB initiated 27
sanctioning proceedings. Taking into account the 24 proceedings that were ongoing
at the end of 2017, the ECB handled 51 sanctioning proceedings in 2018, “an
increase of 13% relative to the 45 proceedings handled in 2017. The 51 proceedings
in 2018 led to 16 ECB decisions, an increase of 60% on the previous year”.241
Such numbers, which clearly show an increasing trend of the SSM sanctioning
procedures, raise some issues on the capacity of the SSM Enforcement and Sanction
Unit (which deals not only with investigation and sanctions, but also with enforce-
ment), as it presently stands (in terms of personnel and resources in general) to cope
with the workload of the whole SSM.
All these considerations, moreover, hold valid only when the Investigating Unit
is involved; as anticipated, however, such procedural rules are not applied for all
kinds of substantially criminal sanctions imposable under the SSM legal frame-
work. Indeed the IU is entitled to propose only the application of “penalties”, as so
defined by Article Part X, Title 2 SSM FR.
According to it, supervisory measures under Article 16(2)(m) SSM R, with-
drawal of banking authorisation under Article 14 SSM R, and periodic penalty pay-
ments under Article 18(7) SSM R, on the contrary, are applied by the Governing
Council with a non-objection procedure upon indication of the competent JST,
which, does not present even the limited independence guarantees that characterise
the Investigating Unit. In case they would be recognized a substantially criminal
nature, therefore, such sanctions or measures seem destined to cause serious viola-
tions of at least one fundamental fair trial safeguard, which appear hardly remedia-
ble without a reform of the Joint Supervisory Teams’ structure.
Lastly, on a different but related perspective, all the different bodies potentially
involved in the SSM sanctioning procedure—the Investigating Unit, the Supervisory
Board, the Administrative Board of Review (and even the Mediation Panel)—could
be considered as “acting under the authority and supervision” of the same leading
body.
239
ECB (2017), p. 39, Table 6.
240
ECB (2018), p. 78, Table 5. “Of the 44 sanctioning proceedings handled in 2017, 28 related to
suspected breaches of directly applicable EU law (ECB decisions and regulations included). These
cases concerned 26 SIs and related to the areas of own funds, reporting, public disclosure, liquidity
and large exposures […] Nine proceedings were closed in 2017 owing mainly to the nonmateriality
of the suspected breaches or the absence of a legal basis for imposing sanctions. The remaining 16
out of the 44 sanctioning proceedings handled in 2017 related to suspected breaches of national
law transposing CRD IV provisions and concern SIs or natural persons. These proceedings involve
suspected breaches with regard to governance (including internal control mechanisms), manage-
ment body functions and remuneration”.
241
Cf. ECB (2019), § 3.2.
In fact, it is the Governing Council which appoints four of the six members of the
Supervisory Board, and proposes the appointment of the other two to the European
Council.242 It is the Governing Council that appoints the members of the ABoR.
Likely, also the appointment of the IU investigating officers might today depend
either on the Governing Council, or on the Executive Board, as they are the only
decision-making body in the ECB current structure. Lastly, of course, it is the
Governing Council which, at the end of the proceeding, takes the decisions on
whether to apply a sanction or not.
The similarities between the SSM internal structure and that of the CONSOB,
already censured as contrary to Article 6 ECHR in Grande Stevens, hence put the
ECB sanctioning procedure at a rather high risk to be found in violation of the prin-
ciples of independence and impartiality required by the Convention and the Charter.
This conclusion results especially critical with regard to certain supervisory sanc-
tions, for which, as will be examined further below,243 it is not possible to deem
applicable the remedy of a full judicial review.
6.3.2 T
he Principle of Equality of Arms: Right to Be Heard,
and Right of Access to Files
Another relevant profile in the fairness of the SSM punitive powers concerns the
compliance with the principle of equality of arms deriving by Article 6(1) ECHR.
The principle requires fair balance between the parties both in civil and in criminal
proceedings, in particular to guarantee that each party is given “a reasonable oppor-
tunity to present his case under conditions that do not place him at a substantial
disadvantage vis-à-vis his opponent”.244
The prohibition of discrimination, expressed in general terms by Article 14
ECHR, was first applied by the Court in Strasbourg to judicial proceedings in civil
matters,245 and was later translated in criminal proceedings, although it has been
observed that in this context, given the structural difference between the position of
the prosecutor and that of the defendant, “equality can only be conceived of […] as
a certain equivalence”.246
The content of this principle already finds application in EU administrative pro-
ceedings, and especially in individual determinations issued by the European Union,
or by Member States acting in the scope of EU law. Article 41 of the Charter, —pro-
viding for the right to good administration—recognizes to every natural or legal
person both the right of access to files, and the right to be heard—that is the right to
give the persons concerned by a decision, the opportunity of putting forward their
242
243
Cf. below, Sect. 6.3.3.
244
Cf. Kress v France, 7.06.2001, Application no. 39594/98, § 72.
245
Cf., e.g., Dombo Beheer v Netherlands, 27.10.1993, Application no. 14448/88, § 33.
246
Cf. e.g. Trechsel (2005), p. 96 et seq.; Balsamo (2015), p. 125.
point of view on the complaints made against them, before that decision is
taken.247
The CJEU recognized wide application to these rights to all proceedings which
may culminate in adversely affecting measures (including the field of competition
law248) even before the entry into force of the Charter,249 defining in particular the
right to be heard as “a fundamental principle of Community law which must be
guaranteed even in the absence of any rules governing the procedure in question”.250
Within the EU legal framework, however, some uncertainty—relevant also for the
field of banking supervision—exists with regard to the scope of the right to be heard
under a subjective perspective, which reflects also upon the scope of the right of
access to files.
Indeed, in what is considered by the literature the first original formulation of the
right to be heard, the 1974 CJEU decision Transocean, the right applied exclusively
to the addressees of adversely affecting decisions which may be issued in a proceed-
ing.251 This restrictive interpretation, however, was not consistently followed by the
Court.252 In the 1994 decision Lisrestal, for instance, the application of the right to
be heard was limited to the subjects against which a proceeding had been initiated.
This further condition, however, got lost in the translation of the decision from
247
Cf. M. M. v Minister for Justice, Equality and Law Reform and Others, Case C-277/11,
22.11.2012, ECLI:EU:C:2012:744; although the Court on the point seems to have changed its
jurisprudence, as recognized by Opinion of Advocate General Wathelet, delivered on 16.09.2015,
in WebMindLicence, Case C-419/14, § 136. For a more detailed analysis of the theme, see Piva
(2017), p. 756 et seq., underlining how, besides for the direct application of Article 41 on Member
States, the same principles apply to the latter due to the case-law of the CJEU, upon which Article
41 CFREU has been built upon.
248
Cf. e.g., on the right to be heard, Hoffmannn la Roche & Co. AG v. Commission, Case 85/76,
13.02.1979, ECLI:EU:C:1979:36, § 9; Musique Diffusion française v. Commission, Case 100/80,
§10; Shell v. Commission, Case T-11/89, § 39; Compagnie maritime belge v. Commission, Case
C-395/96, 16.03.2000, ECLI:EU:C:2000:132, § 142, where the Court clarified that, even if Article
6(1) ECHR does not apply to antitrust proceedings, still the right to be heard and to access to files
shall be respected. On access to files as part of the principle of equality of arms, see, e.g., Solvay
SA v Commission of the European Communities, T-30/91, 29.06.1995, ECLI:EU:T:1995:115, § 83;
Imperial Chemical Industries plc (ICI) v Commission of the European Communities, Case T-36/91,
29.06.1995, ECLI:EU:T:1995:118, § 93.
249
As repeatedly affirmed by the Court of Justice cf., e.g., Transocean Marine Paint Association v
Commission of the European Communities, Case 17-74, 23.10.1974, ECLI:EU:C:1974:106, § 15;
Lisrestal and others v. Commission, Case T-450/93, 6.12.1994, ECLI:EU:T:1994:290; Dieter
Krombach v André Bamberski, Case C-7/98, 28.03.2000, ECLI:EU:C:2000:164, § 42; Sopropé -
Organizações de Calçado Lda v Fazenda Pública, Case C-349/07, 18.12.2008,
ECLI:EU:C:2008:746, § 36.
250
Cf., e.g. Belgium v. Commission, Case 40/85, 10.07.1986, ECLI:EU:C:1986:305, § 28; Belgium
v. Commission, Case 234/84, 10.07.1986, ECLI:EU:C:1986:302, § 28.
251
Transocean Marine Paint Association v Commission of the European Communities, Case 17–74,
§ 15.
252
Cf., e.g., Detlef Nölle, Case T-167/94, § 63, where the fact that the applicants were not charged
with allegation was considered a cause for refusing the application of the right. This interpretation
has been recovered in trademark cases; for a reconstruction of the case-law on the matter, see
Rabinovici (2012), p. 170.
French to English,253 and the latter “incomplete” version was then replicated both in
the following case-law of the Court,254 and in Article 41(2) of the Charter, which
does not include any reference to the need of being the person(s) against which the
proceeding has been initiated for invoking that right.255
Along this line, although the scope of the right to be heard highly varies depend-
ing on subject matters, the CJEU has increasingly, and somehow seldom, recog-
nized it also in favour of third parties which may be adversely affected by a
procedure, without being its direct targets.256
Against this interpretation, especially relevant results the case-law developed by
the CJEU with regard to the admissibility requirements for bringing action before
the Court. According to Article 263(4) TFEU, in fact, natural or legal persons may
appeal “against an act addressed to that person” or, if third parties, against an act
“which is of direct and individual concern to them, and against a regulatory act
which is of direct concern to them and does not entail implementing measures”.257
253
As it emerges comparing the French version of Lisrestal v. Commission, § 42 which states: “Ce
principe exige que toute personne à l’encontre de laquelle une décision faisant grief peut être prise
soit mise en mesure de faire connaître utilement son point de vue au sujet des éléments retenus à
sa charge par la Commission pour fonder la décision litigieuse” with the English version “That
principle requires that any person who may be adversely affected by the adoption of a decision
should be placed in a position in which he may effectively make known his views on the evidence
against him which the Commission has taken as the basis for the decision at issue” where no refer-
ence is made to the fact that the measure shall be adopted against the party (emphasis added).
254
Cf., e.g., M. M., §§ 85-87, according to which “The right to be heard guarantees every person
the opportunity to make known his views effectively during an administrative procedure and
before the adoption of any decision liable to affect his interests adversely”; Spain v Commission,
Case C-287/02, 9.06.2005, ECLI:EU:C:2005:368, § 37; Sopropé, § 37; Foshan Shunde Yongjian
Housewares & Hardware v Council, Case C-141/08 P, 1.10.2009, ECLI:EU:C:2009:598, § 83;
France v People’s Mojahedin Organization of Iran, Case C-27/09 P, 21.12.2011,
ECLI:EU:C:2011:853, §§ 64–65.
255
According to which “the right of every person to be heard, before any individual measure which
would affect him or her adversely is taken”. As reported by Rabinovici (2012), pp. 152–153, also
this provision is differently translated within the EU, and a criterion similar of that of ‘à son encon-
tre’ appears in other six versions (besides for the French one): “Dutch (‘jegems hem’); German
(‘ihr gegenüber’); Swedish (‘mot honom eller henne’); Danish (‘over for ham/hende’); Spanish
(‘en contra suya’); Italian (‘nei suoi confronti’). However, the Finnish, Portuguese, and Greek ver-
sions are similar to the English version, omitting the ‘initiated against’ criterion”.
256
Rabinovici (2012), p. 172, noticing how most EU legislations (in the field of competition law)
grant basic hearing rights to third parties having sufficient interest in a procedure, so that usually
the Courts do not have to refer to Article 41(2) CFREU to extend its scope.
257
Cf., e.g., LVM v Commission, Case T-84/89 (Joined Cases T-79/89, T-84/89, T-85/89, T-86/89,
T- 89/89, T-91/89, T-92/89, T-94/89, T-96/89, T-98/89, T-102/89, T-104/89), 19.06.1990,
ECLI:EU:C:2002:582, and Judgment in Dow Benelux NV v Commission of the European
Communities, C-85/87, 17.10.1989, ECLI:EU:C:1989:379. This review is not only subject to strict
time limitations, as if no proceeding is instituted before the Court within the 2-month period from
the publication of the measure, or of its notification, or, in the absence thereof, of the day on which
it came to the knowledge of the plaintiff, the challenged decision is held to be valid and cannot be
contested anymore as far as its merit is concerned.
These parameters have been strictly interpreted by the Court of Justice, starting
from the 1963 landmark case Plaumann,258 according to which the standing require-
ment for third private parties shall be recognized when the challenged decision
“affects them by reason of certain attributes which are peculiar to them or by reason
of circumstances in which they are differentiated from all other persons and by vir-
tue of these factors distinguishes them individually just as in the case of the person
addressed”.259
This issue was recently raised with specific regard to the SSM supervisory pro-
ceedings in the Fursin (Trasta) case, still pending, concerning the ECB withdrawal
of the banking licence to a Latvian bank (Trasta Komercbanka-TKB), due to a series
of prudential requirement violations, including in the field of anti-money
laundering.260
In March 2016, after an ECB decision ordered the withdrawal, the bank was put
into liquidation and, under Latvian law, a liquidator was appointed, and all the pow-
ers of attorneys to the management body of the bank revoked. In May 2016, how-
ever, the lawyer representing TKB during the administrative proceedings brought an
action for annulment of the contested decision on behalf of TKB and, as a precau-
tion, on behalf of six of its direct and indirect shareholders, which, contrary to the
bank, were not the direct addressees of the ECB decision. Deliberating over the
admissibility of the appeal under Article 263 TFEU, in September 2017 the Court of
Justice recognized that shareholders retain an individual and direct concern that
justifies an interest in bringing proceeding.261
Building on Plaumann, the Court recognized an individual concern to sharehold-
ers, since the ECB decision affected them “by reason of certain qualities peculiar to
them or of a factual situation which differentiates them from any other person”, that
is as shareholders “of the bank whose authorisation has been withdrawn and dif-
ferentiates the 42 direct shareholders of that bank from any other person”.262 The
258
Plaumann & Co. v Commission of the European Economic Community, Case 25-62, 15.07.1963,
ECLI:EU:C:1963:17, p. 107; Commission of the European Communities v Aktionsgemeinschaft
Recht und Eigentum eV, Case C-78/03 P, 13.12.2005, ECLI:EU:C:2005:761, § 33.
259
See, e.g., Comité Central d’Entreprise de la Société Anonyme Vittel and Comité d’Etablissement
de Pierval and Fédération Générale Agroalimentaire v Commission of the European Communities,
Case T-12/93, 27.04.1995, ECLI:EU:T:1995:78, § 59, where standing was denied to the employees
of a company on the basis that the approval of a merger by the Commission would not be a direct
cause of the loss of jobs in the merged company.
Highlighting this restrictive interpretation, e.g., see Witte (2015), p. 228; Mastroianni and
Pezza (2014), p. 947; Lamandini (2015), p. 129.
260
Fursin and Others [former Trasta Komercbanka and Others] v ECB, T-247/16 (Application of
08.07.2016) and T-698/16 (Application of 11.11.2016).
261
Order of the General Court of 12.09.2017, ECLI:EU:T:2017:623, in Fursin and Others, cit.,
currently appealed before the Court in Case C-663/17 P, 24.11.2017 and in case Trasta Komercbanka
AS, Ivan Fursin, Igors Buimisters, C & R Invest SIA, Figon Co. Ltd, GCK Holding Netherlands BV,
Rikam Holding SA v ECB, Case C-669/17 P, 28.11.2017; on which see also Opinion of AG Kokott,
delivered on 11.04.2019 (ECLI:EU:C:2019:323), where she advices to set aside the Latvian rules
on revoking a bank’s mandates in order to provide an effective remedy against the withdrawal of
the authorisation (recognizing the standing of the bank) while finding that the shareholders have no
right to challenge the withdrawal of the license of a bank.
262
Idem, §§ 61–62.
CJEU also recalled its jurisprudence according to which, as in the case under exam,
persons may be recognized individually concerned by a measure, even if they
represent a group, inasmuch as they form part of a limited class of economic
operators.263
The Court recognized a direct concern to the shareholders also in light of its
case-law, according to which the legal situation of the latter is directly concerned if
the decision affects the “substance or extent’ of their rights, “either as regards their
proprietary rights or the ability, conferred on them by those rights, to participate in
the management of the company”.264 This situation actually occurred in the Trasta
case, where the withdrawal of the bank’s authorisation prevented the latter from
performing its economic activity, therefore directly affecting the legal position of
the shareholders too, in particular their right to receive dividends from the profits of
a commercial company, the exercise of voting rights, and the right to take part in the
management of the company.265
The case-law concerning the right to be heard appears applicable also to define
the scope of the right of access to file, which represents another fundamental part of
the defence rights, both before (to fully exercise the right to be heard) and after a
decision is issued (to challenge it by judicial review).266
The purpose of this right, enshrined not only in the Charter and in the Convention,
but also in Article 7 of Directive 2012/13/EU on the right to information in criminal
proceedings, is in fact to “enable the addressees of statements of objections to
examine evidence in the […] file so that they are in a position effectively to express
their views on the conclusion reached […] on the basis of that evidence”.267
In this case too, however, critical profiles arise, concerning the boundaries of this
right. A first issue regards the interpretation of “file”, and therefore the definition of
which documents the party shall be granted access to, taking into account that,
according to Article 41(2)(b) CFREU, the latter may be limited by “the legitimate
interests of confidentiality and professional and business secrecy”.
According to Article 7(2) and (3) of the Directive, the right of access to file shall
cover at least all “all material evidence in the possession of the competent authori-
ties, whether for or against suspects or accused persons”, in addition to “further
material evidence comes into the possession of the competent authorities”. In its
263
Idem; see also Markku Sahlstedt and Others v Commission of the European Communities, Case
C-362/06 P, 23.04.2009, ECLI:EU:C:2009:243, § 36 and the case-law cited.
264
Order of the General Court of 12.09.2017, § 65, and case-law cited there.
265
Idem, §§ 67–69.
266
On the link between the right of access to files, the principle of equality of arms, and Articles
5(4) and 6(3) let. b) ECHR, see Allegrezza (2008b), p. 143 et seq.; Mitsilegas (2016), p. 164 et
seq.; Sayers (2015), p. 1333 et seq.; Gless (2013), p. 90.
267
Solvay SA, Case T-30/91, § 59. See also Imperial Chemical Industries plc (ICI), §§ 69. See
especially Article 7(2), Directive 2012/13/EU of 22.05.2012 on the right to information in criminal
proceedings, which is essentially based on the ECtHR case-law, with few more elevated standards,
such as the so-called Letter of rights, see in this sense Mosna (2017), pp. 957 and 961, highlighting
also how the provision of Article 7 recalls Article 5(4) ECHR, but without providing for grounds
for refusal; see also Sayers (2015), p. 1334 et seq.; Cape et al. (2010), p. 32 et seq.
early jurisprudence, developed in competition law, the CJEU did not recognize an
obligation to disclose the complete file to the parties, but only those documents on
which the issuing authority has based its decision on. According to this interpreta-
tion, it was hence for the same authority to both issue a decision, and select the files
the parties may get access to.268
Later, however, in the 2004 landmark decision Aalborg Portland the Court
acknowledged the need to grant to the “undertaking concerned the opportunity to
examine all the documents in the investigation file which may be relevant for its
defence”, including “both incriminating evidence and exculpatory evidence, save
where the business secrets of other undertakings, the internal documents of the
Commission or other confidential information are involved”.269
Besides for a limited case-law in which documents were considered to be “of
relevance to the investigation […] in so far as they formed part of the file”,270 the
higher protection to defence rights given under Portland was however partially
downsized by the burden of proof set upon the claimant.
Indeed, to annul a decision taken without duly granting access to files, the latter
should have shown “that the result at which the Commission arrived in its decision
would have been different if a document which was not communicated to that
undertaking and on which the Commission relied to make a finding of infringement
against it had to be disallowed as evidence”.271 This test, extremely restricted the
defence’s prerogatives, even though the Court explicitly stated that, in case the doc-
ument not communicated consisted of an exculpatory evidence, “the undertaking
concerned must only establish that its non-disclosure was able to influence, to its
disadvantage, the course of the proceedings and the content of the decision of the
Commission”, and that “it would have been able to use the exculpatory documents
in its defence”.272
A second relevant issue concerns the level of limitation to the access that the
proceeding authority may impose on the undertakings due to secrecy or confidenti-
ality reasons. According to the CJEU case-law, in fact, these motives cannot be used
to totally deny access to files; and even where it is necessary to omit some parts of
a document to protect such interests, that cannot bring to the mere issuing of blank
268
Vereniging ter Bevordering van het Vlaamse Boekwezen, VBVB, and Vereniging ter Bevordering
van de Belangen des Boekhandels, VBBB, v Commission of the European Communities, Joined
cases 43/82 and 63/82, 17.01.1984, ECLI:EU:C:1984:9, § 25.
269
The already mentioned Cement joined case: Aalborg Portland A/S (C-204/00 P) and others, §
68. For its relevance with regard to the principle of ne bis in idem, see also Sect. 2.3.3.
270
Hoechst GmbH v Commission of the European Communities, Case T-410/03, 18.06.2008,
ECLI:EU:T:2008:211, § 152.
271
Idem, § 73.
272
Idem, §§ 74–75. This test was then slightly modified in 2011, when the CJEU in Solvay estab-
lished that “where access to the file, and particularly to exculpatory documents, is granted at the
stage of the judicial proceedings, the undertaking concerned has to show, not that if it had had
access to the non-disclosed documents, the Commission decision would have been different in
content, but only that those documents could have been useful for its defence”, cf. Solvay SA v
European Commission, Case C-110/10 P, 25.10.2011, ECLI:EU:C:2011:687.
pages: The proceeding authority is instead required to provide a comprehensible

non-confidential version of the document(s) to be disclosed.273
All limitations to the right of access to files may be challenged before the Court
of Justice, which shall determine whether a non-disclosed document “might have
influenced the course of the proceedings and the content of the decision” and “have
had a significance which ought not to have been disregarded” on the basis of “an
objective link between the documents which were not made accessible during the
administrative procedure and an objection adopted against the undertaking
concerned”.274
These issues have already been faced by the CJEU with specific regard to the
ECB or, more generally, to the field of financial supervision.
In Espirito Santo Financial (2018), the Court specified that limitations are
allowed only if “based on reasons of public or private interest”. Such reasons shall
be specific, actual, and punctually stated to the applicant requesting access to files.275
In Baumeister (2018), the Court specified that information concerning the
“supervision file, including its correspondence with other bodies, do not constitute,
unconditionally, confidential information”. The latter may instead be defined, in
regard to the need of maintaining professional secrecy, in information “(1) which is
not public and (2) the disclosure of which is likely to affect adversely the interests
of the natural or legal person who provided that information or of third parties, or
the proper functioning of the system for monitoring” the financial activities.276
Lastly, in UBS Europe (also 2018), the Court clarified that the “subject of a mea-
sure adversely affecting him must have the opportunity to examine all of the docu-
ments in the investigation that might be relevant for his defence. Those documents
comprise both inculpatory and exculpatory evidence, with the exception of business
secrets concerning other persons, internal documents of the authority that adopted
the measure and other confidential information”. The CJEU affirmed that “it is how-
ever allowed to exclude from the administrative procedure evidence which has no
relation to the allegations of fact and of law in the statement of objections and which
therefore has no relevance to the investigation […] It follows from the foregoing
considerations that the right to disclosure of the documents relevant to the defence
is not unlimited and unfettered […] Accordingly, in the event of a conflict of, on the
one hand, the interest of the person who is the subject of a measure adversely affect-
ing him in having access to the information necessary for him to be in a position to
exercise fully his rights of defence and, on the other hand, the interests in connec-
tion with maintaining the confidentiality of the information covered by the obliga-
tion of professional secrecy, it is for the competent authorities or courts to seek to
strike a balance between these opposing interests in the light of the circumstances
273
Hoechst GmbH v Commission, §§ 152–153.
274
Aalborg Portland A/S (C-204/00 P) and others, §§ 76-77, and 129.
275
Cf. Espírito Santo Financial (Portugal) v ECB, Case T-251/15, 26.04.2018, ECLI:EU:T:2018:234,
appealed in Case C-442/18 P of 23.11.2018, §§ 51–83, where the ECB decision refusing to grant
access to files was annulled by the Court.
276
Baumeister, Case C-15/16, 19.06.2018, ECLI:EU:C:2018:464, § 34 et seq.
of each case”. National authorities shall therefore “ascertain whether that informa-
tion is objectively connected to the complaints upheld against him and, if this should
be the case, to weigh up” the above mentioned interests.277
The jurisprudence mentioned so far, however, is not the only parameter against
which the SSM supervisory proceedings shall be examined: When they may end up
with the application of a substantially criminal penalty, the fairness of sanctioning
procedures shall indeed be assessed also in light of the notions of the rights to be
heard and of access to file developed by the ECtHR for the matière a coloration
pénale. In this field, in fact, both rights represent a fundamental part of the adver-
sarial proceeding guarantees, according to which prosecution and defence must be
given the opportunity to have knowledge of and comment on the observations filed
and the evidence (including witnesses’ testimonies) adduced by the other party.278
For the profiles relevant to the SSM sanctioning proceedings, the content of the
right of access to files in criminal matters does not differentiate much from that
provided for by Article 41 CFREU. Indeed, also under Article 6(1) ECHR, and start-
ing from the ECtHR case Borgers v Belgium, a party potentially affected by the
result of a proceeding has the right to have all the material evidence used for the
accusation disclosed in order to guarantee the equality of arms.279 In the ECtHR
case-law too, the scope of this right, that is the identification of the documents
which shall be disclosed, is determined on the basis of the “relevance” of the said
document(s) with regard to the proceeding.280 Lastly, also in criminal matters, the
right of access to files is not interpreted to be absolute, as both in the case-law of the
ECtHR and in Article 7(4) of Directive 2012/13, the latter may be restricted—only
as strictly necessary—to protect fundamental rights of other people, or to safeguard
important public interests, such as national security.281
The debate over the definition of the moment from which the right of access to
files attaches in criminal proceedings, especially critical (and crucial) when dealing
277
UBS Europe and o., Case C-358/16, 13.09.2018, ECLI:EU:C:2018:715, §§ 66–70.
278
Cf., e.g., Rowe and Davis v. the United Kingdom, 16.02.2000, Application no. 28901/95, § 60;
Užukauskas v. Lithuania, 6.07.2010, Application no. 16965/04, § 47. According to Trechsel
(2005), p. 90, from a Conventional perspective, prosecution shall not be included in the
definition.
279
Borgers v Belgium, 30.10.1991, Application no. 12005/86.
280
Cf., e.g., Edwards And Lewis v. The United Kingdom, 27.10.2004, Applications nos. 39647/98
and 40461/98, § 46.
281
Rowe and Davis v. the United Kingdom, § 61; Moiseyev v Russia, 9.10.2008, Application no
62936/00; Edwards and Lewis v UK; Van Mechelen and Others v. the Netherlands, 23.04.1997,
Applications nos. 21363/93, 21364/93, 21427/93 and 22056/93, § 58. Restricting provisions due
to business secrecy protections or other confidential information have also been implemented by
some EU legal acts, cf. Commission Notice on the rules for access to the Commission les in cases
pursuant to Articles 81 and 82 of the EC treaty, Articles 53, 54 and 57 of the EEA Agreement and
Council Regulation (EC) 139/2004. See also Levitt (1997), p. 1424. According to the Directive,
moreover, refusals to access to files shall be authorized by a judicial authority if strictly necessary
“to safeguard an important public interest, such as in cases where access could prejudice an ongo-
ing investigation or seriously harm the national security of the Member State in which the criminal
proceedings are instituted”, see Ciampi (2012), p. 9.
with criminal investigations stricto sensu, does not seem to be in point to the SSM
sanctioning proceedings, where most of the evidence gathered by the Investigating
Unit comes from the credit institutions under investigation.
Against this background, the right of access to files as provided by the SSM
Regulations does not appear especially problematic, even when applied to proceed-
ings leading to substantially criminal supervisory sanctions. According to Article 32
SSM FR, in fact, parties of supervisory proceedings “shall be entitled to have access
to the ECB’s file, subject to the legitimate interest of legal and natural persons other
than the relevant party, in the protection of their business secrets”.282
Of course, this exception for confidential information may heavily affect their
level of protection from the perspective of the subject under investigations.
Nevertheless, this clause, read in light of the consolidated case-law of the European
Courts and of the sensitiveness of the matter of banking oversight, may well fall
under those situations in which withholding certain documents from the defence is
necessary. Such limitation can therefore be considered proportionate, and in line
with the provisions of the Convention and of the Charter,283 at least as long as the
undisclosed material does not contain items so relevant as to enable the investigated
subject to exonerate itself or have the sentence reduced.284
Different conclusions should instead be drawn with regard to some profiles of the
right to be heard, where the notion varies more significantly (for the purposes of this
analysis) in its administrative and criminal dimension.
On one side, in fact, the SSM does not appear especially critical in light of Article
41 CFREU, as interpreted by the CJEU. Under this perspective, Articles 22 and 27
SSM R require that all entities potentially affected by the ECB decisions shall be
previously given the opportunity of commenting on the facts. This right applies to
all sanctions adopted under Article 18 SSM R, as well as to supervisory measures
provided for by Articles 14 SSM R and with those established by Article 16(2) SSM
R to ensure compliance with macro-prudential decisions.
In case “an urgent decision appears necessary in order to prevent significant
damage to the financial system”, Article 22 SSM FR allows the ECB to proceed and
take a decision without granting the possibility to previously comment on the facts.
Afterwards, however, “without undue delay after its adoption”, the interested par-
ties shall be given the opportunity to do so.285
According to Article 31(6) SSM FR, this option does not apply to administrative
penalties. Considering however that it could apply to substantially criminal supervi-
sory measures and that it represents an exception to a fundamental right, this provi-
282
Cf. Articles 22 and 32(1) SSM FR.
283
Cf. Caianiello (2019).
284
In this sense, cf. Natunen v Finland, 31.03.2009, Application no. 21022/04, § 43; C.G.P. v The
Netherlands (dec), 15.01.1997, Application no. 29835/96.
285
Cf. Article 31(1)-(4)-(5) SSM FR.
sion should be interpreted strictly286. In any case the ECB shall base its decisions
only on those objections that the parties concerned have been able to comment.287
Due to the limited scope of Article 22 SSM R, the right to be heard does not
apply to macro-prudential decisions. To comply with the ECHR and the CFREU,
therefore the right should be extended also to the latter at least when they are not
general but addressed to a single credit institution.288
In the criminal matter, moreover, the notion of the right to be heard results much
articulated, (although it is not considered by the Court in Strasbourg as an absolute
right).289
First, as part of the principle of equality of arms, in this limb such right partially
overlaps with the guarantees of Article 6(3)(d) ECHR, according to which everyone
charged with criminal offences has the right “to examine or have examined wit-
nesses against him and to obtain the attendance and examination of witnesses on his
behalf under the same conditions as witnesses against him”.290 At first glance, the
impact of this provision in the SSM supervisory proceedings appears rather limited,
since most of the evidence gathered in order to impose a sanction under Article
18(1) SSM R are likely to be of documental, rather than testimonial nature.
Nonetheless, where the latter would be the case, also this profile of the right to be
heard shall find application in the SSM (punitive) proceedings, even in lack of any
specific provision of the Regulations in that sense.
Critical issues, instead, arise with regard to the modalities in which such right
shall generally be put in place. In the ECtHR case-law applicable to the criminal
matter, in fact, the right to be heard shall be read in light of Article 6(1) of the
Convention, which requires the proceeding to be hold in a public hearing.
While the compliance with this specific profile could be considered of minor
relevance for the SSM,291 extremely significant is instead that jurisprudence accord-
ing to which the “entitlement to a “public hearing” in Article 6 § 1 necessarily
implies a right to an “oral hearing””.292 This obligation is not considered absolute
by the Court, especially in cases where fair trial rights are applicable due to an
extensive interpretation of criminal matter under the Engel doctrine.293 However,
even in those cases, the exclusion from the obligation to hold an oral hearing is not
286
D’Ambrosio (2013), p. 55.
287
Articles 22(1) and Article 24(7) SSM R.
288
As underlined by D’Ambrosio (2013), p. 59.
289
On the relative character of the right to be heard for the ECHR, see Trechsel (2005), pp. 90–92.
290
Although mainly concerning witnesses, the Court has sometimes traced this guarantee back to
evidence in general, interpreting it as a right that no evidence shall be used as the basis for a convic-
tion unless the defendant has had the opportunity to challenge its validity, and comment upon its
relevance; see, e.g., Perna v Italy, 6.05.2003, Application no. 48898/99, §§ 25–32. For a detailed
case-law analysis of Article 6(3)(d) ECHR, see Trechsel (2005), pp. 292–326; Harris et al. (2014),
p. 483 et seq.; Balsamo (2015), pp. 146–151.
291
As it will be argued below, in Sect. 6.3.4.
292
Döry v. Sweden, 12.11.2002, Application no. 28394/95, § 37.
293
Jussila v. Finland, §§ 41–43.
automatic, and the criterion to establish whether that is required or not depends on
“the nature of the issues to be dealt with” by the competent court, the “gravity”
attached to the proceedings, and the “significant degree of stigma” carried out by the
applicable sanctions (in particular on whether they raise any question of fact or law
which could not be adequately resolved on the basis of the case file).294
This jurisprudence raises critical issues in the SSM legal framework.
According to Article 126 SSM FR, once an investigation is completed, the
Investigating Unit shall notify a Statement of Objections to the supervised entity.
Within a “reasonable time limit” established in the same Statement, the party has
the right to make submissions in writing to the Unit on the factual results and the
objections raised against it. With the Statement of Objection, the Unit may also
invite the party to attend an oral hearing. Such a hearing may also be requested
directly by the supervised entity itself, but that does not limit the discretion of the
Unit in deciding whether to grant the hearing or not.295
In the SSM sanctioning proceedings, therefore, the very possibility of having an
oral hearing is not a right of the party of the proceeding, but depends on the discre-
tion of the Investigating Unit.296
Interestingly, a procedure similar to this one was examined by the ECtHR again
in Grande Stevens, where the right to be heard took place in a written exchange of
views between CONSOB and the private parties, rather than through an oral hear-
ing. In that case, the Court affirmed that although the obligation to hold a hearing is
not absolute, “refusing to hold an oral hearing may be justified only in rare cases”.297
The violation of the right to be heard, also in its dimension requiring an oral
hearing, does not however automatically determine a violation of the fair trial rights:
According to the ECtHR, similarly to what already mentioned with regard to the
principles of independence and impartiality, unjustified limitations of this right may
be “remedied” if the issued decision is subject to a review before a judicial body that
has full jurisdiction. This safeguard, however, as will be argued hereinafter, does not
seem entirely applicable to the Single Supervisory Mechanism, and therefore not
fully capable of remedying the deficiencies of its sanctioning proceedings under
Article 6 ECHR.298
Before analysing this crucial point, it is however necessary to finally underline
that the SSM sanctioning proceedings may also result critical for the right to be
heard under a last profile. Indeed, according to Article 126 SSM FR, the Statement
294
Idem, §§ 41–42, 47–48 (tax-surcharge proceedings); Suhadolc v. Slovenia (dec.), 17.05.2011,
Application no. 57655/08 (summary procedure for road traffic offences).
295
296
Contrary for instance to what established in competition law, where “The Commission shall
give the parties to whom it addresses an SO the opportunity to develop their arguments at an oral
hearing if they so request in their reply to the SO (Article 12(1) of Reg. 773/2004)”, cf. European
Commission (2012), p. 6/11—Right to be heard (3.1, § 28).
297
298
Cf., e.g., Riepan v Austria, 14.11.2000, Application no. 35115/97, § 39; cf. below, Sect. 6.3.3.
of Objection shall contain “the findings under the investigation carried out and of
any objections raised thereto”.
This provision seems able to satisfy the right to be informed of the charges pro-
vided for by Article 6(3)(a) ECHR299 which, as underlined by legal scholars, covers
the right to be informed immediately, or at least early enough in the course of the
proceedings, of the allegations in fact and in law made by the public authority; and
the right that charges cannot be modified unless there is a new communication by
the same authority, and a sufficient period of time to allow the defence to re-structure
its strategy.300
On the other side, however, it remains uncertain whether the reference to the
“objections raised” covers also the amount of the penalty that the Investigating Unit
is proposing the Supervisory Board to impose, or at least the aggravating circum-
stances and the figures used by the IU to calculate the sanction.
Nothing in Article 126 SSM R in fact mentions this profile, which has a major
relevance from the perspective of the defence. This circumstance, together with the
limited jurisdiction of the Court of Justice for some of the sanctions imposable by
the SSM, as will be argued below, risks to leave credit institutions dangerously
unsafeguarded precisely on the profile of a sanctioning procedure more capable to
adversely affect them, that is the amount of the penalty itself.
In this sense, even though that would increase the complexity and length of the
proceeding, in order to safeguard the fundamental rights of the undertakings, and to
prevent sanctioning decisions to be made void for violation of procedural fair trial
rights, it seems recommendable for the European Central Bank to establish a right
to be heard also on the amount of the imposable fine. Such a result could be achieved
amending the SSM Framework Regulation. In lack of a political consensus in this
regard, an attempt could be at least perhaps made issuing a separate working docu-
ment (to be published, so as to be foreseeable by the parties involved), similarly to
what already occurred in Antitrust proceedings before the Commission.301
299
Kamasinski v. Austria, 19.12.1989, Application no. 9783/82, § 79; Pélissier and Sassi v. France,
25.03.1999, Application no. 25444/94, § 51; Mattoccia v. Italy, 25.07.2000, Application no.
23969/94, § 59; Penev v. Bulgaria, 7.01.2010, Application no. 20494/04, §§ 33 and 42. On the
critical issues left unsolved by the ECtHR concerning the modalities in which communication of
the charges shall be made, see Mosna (2017), p. 960; Quattrocolo (2015), p. 87 et seq.
300
Cf., e.g., Trechsel (2005), pp. 195–196; Balsamo (2018), pp. 120–123.
301
Cf. European Commission (2012), pp. 5 and 6/15—Drafting of Statement of Objections (SO)
(2.2.2), according to which “The SO must also clearly indicate whether the Commission intends to
impose fines (Article 23 of Regulation 1/2003), a periodic penalty payment (Article 24) or other
remedies (structural or behavioural), should the objections be upheld, referring to the evidence and
facts supporting such measures.16 (16) In case of imposition of fines pursuant to Article 23 of
Regulation 1/2003, the SO will refer to the relevant principles laid down in the Guidelines on set-
ting fines […] The Best Practices Notice states that, although under no legal obligation in this
respect, the SO will endeavour to include (using information available) further matters relevant to
any subsequent calculation of fines, including the relevant sales figures to be taken into account
and the year(s) that will be considered for the value of such sales. Such information may also be
provided to the parties after the Statement of Objections. In both cases, the parties will be provided
with an opportunity to comment”.
6.3.3 Right to a Full Judicial Review
As already mentioned, the application of fair trial rights, especially in their criminal
limb interpretation, often results highly problematic when applied by formally
administrative authorities, which are structurally and procedurally different from
the judiciary.302
In order to find an applicable compromise between the need to elevate the stan-
dards of safeguard when punitive sanctions are at stake, and that of not forcing (at
least, not too much) a wide range of administrative bodies to assimilate completely
with judicial ones, the Court in Strasbourg has, since its 1983 Le Compte decision,
developed a solid case-law that identifies in the “full judicial review”, before a tri-
bunal that provides the guarantees of Article 6 ECHR, an adequate counter-balance
for certain lacunas of fair trial rights in administrative punitive proceedings.303
In particular, as anticipated, full judicial review is considered to be a remedy to
structural problems concerning the impartiality and the independence of decision-
making bodies, but also to limitations of the right to an oral and public hearing.304
According to such jurisprudence, “full judicial review” or “unlimited jurisdiction”
is identified by the possibility of the reviewing body to rule both on questions of fact
and law (e.g. analysing the appropriateness and proportionality of the penalty
imposed by the administrative authority).305 In Menarini (2011)—a case concerning
national competition law, particularly relevant under several profiles also for the
field of banking supervision—the Court further specified such notion.
The ECtHR indeed considered compatible with this parameter also the scope of
review of a national court which did not have, by law, unlimited jurisdiction, but
could still decide whether the administrative authority had made a proper use of its
powers, examine the grounds for its decision, its proportionality, as well as its tech-
nical evaluations, and also review the proportionality of the fine, and, in a given
case, replace it.306
This case-law has been recognized also in the European Union, where Article 47
CFREU covers, under the principle of effective judicial protection, both the right to
302
303
Albert and Le Compte v. Belgium, 10.02.1983, Application no. 7299/75; 7496/76, § 29; Segame
SA v. France, 7.06.2012, Application no 4837/06, § 55; Menarini Diagnostics S.r.l., § 59; although
this argument holds true for Article 6 ECHR also in its civil limb meaning, see Regner v. Czech
Republic, 19.09.2017, Application no. 35289/11, §§ 130, 136, 150.
304
Cf., e.g., Riepan v Austria, § 39.
305
Cf., e.g., Albert and Le Compte, § 29; Tsfayo v UK, 14.11.2006, Application no. 60860/00, §§
42–48; Janosevic v. Sweden, 23.07.2002, Application no. 34619/97, § 81; Menarini Diagnostics
S.r.l., § 59. But see also, with specific regard to the banking matter under civil limb, Capital Bank
AD v. Bulgaria, 24.11.2005, Application no. 49429/99, §§ 98–116, where a violation was found
also in the unjustified self-restraint of a Court from exercising full jurisdiction.
306
Cf. Menarini Diagnostics S.r.l., §§ 64–67. See also Lamandini et al (2015), p. 92, highlighting
how, in that case, “The ECtHR even opened the possibility for due process rights to be calibrated
in the context of an administrative procedure with independent authorities”.
a full judicial review in the ECtHR meaning, and the right to an effective remedy
provided for by Article 13 of the Convention.307
In the 2014 Telefónica case, in particular, the Court of Justice recognized how the
application of a “penalty” by administrative authorities which do not themselves
satisfy the requirements laid down in Article 6(1) ECHR is “possible” as long as the
decisions taken could “be subject to subsequent review by a judicial body endowed
with unlimited jurisdiction”, that is entrusted with “the power to quash in all
respects, on questions of fact and law, the decision at issue”.308
Against this background, it shall be examined whether it is possible to consider
the Court of Justice a tribunal with unlimited jurisdiction for the sanctions applied
by the ECB in its supervisory capacity. Following the very broad provision of
Article 24(11) SSM R, in fact, proceedings may be brought before the CJEU “in
accordance with the Treaties”.
According to Article 263 TFEU, the Court is entitled to “review the legality of
legislative acts” (italics added) issued by EU institutions, bodies, offices or agencies
of the Union “intended to produce legal effects vis-à-vis third parties”—a jurisdic-
tion that therefore apparently excludes the merit from its scope. This conclusion
seems to be supported by the provision of Article 261 TFEU, according to which the
Court may, in any case, be conferred unlimited jurisdiction in regulations adopted
jointly by the European Parliament and the Council, and by the Council, with regard
to the penalties there provided.
Standards of review under Article 263 TFEU are particularly relevant in areas
“giving rise to complex economic assessments”, examined by the CJEU for instance
in Henri de Compte (1991 and 1994), according to which the merit of administrative
discretionary acts cannot be challenged before the Court, unless they are “mani-
festly disproportionate”.309 In more recent case-law, however, such as Chalkor and
KME (both from 2011), and again in Telefónica (2014), the Court also affirmed that
such margin of appreciation deriving from the exercise of discretionary powers
“does not mean that the Courts of the European Union must refrain from reviewing
the [Commission’s] interpretation of information of an economic nature […] The
EU judicature must, among other things, not only establish whether the evidence put
forward is factually accurate, reliable and consistent, but must also determine
whether that evidence contains all the relevant data that must be taken into consid-
eration in appraising a complex situation and whether it is capable of substantiating
307
Chalkor v. Commission, C-386/10 P, § 47; Schindler Holding Ltd and others, § 36.
308
Telefónica SA and Telefónica de España SAU v European Commission, Case C-295/12 P, 10.07.
2014, ECLI:EU:C:2014:2062, §§ 51-52. Cf. also Jones and Sufrin (2016), p. 898.
309
Cf. also, e.g., Henri de Compte v European Parliament, Case T-26/89, 17.10.1991,
ECLI:EU:T:1991:54, § 220 and case-law there mentioned, according to which “The Court cannot
substitute its own judgment for that of the appointing authority except in the case of a manifest
error or misuse of powers”; Henri de Compte v European Parliament, C-326/91 P, 2.06.1994,
ECLI:EU:C:1994:218, § 115. With a substantially similar view, on the ECtHR side, the dissenting
opinion of Jusdges Villiger, Yudkivska and Pejchal in Delta Pekárny A.S. v Czech Republic,
2.10.2014, Application no. 97/11.
the conclusions drawn from it”.310 Nonetheless, when it came to assess the compli-
ance of judicial review systems with Article 47 CFREU, the CJEU required, with
regard to competition law, a combination of the “review of legality provided for
under Article 263 TFEU” to be supplemented by “the unlimited jurisdiction in
respect of the amount of the fine”.311 This model, however, differes from that of the
Single Supervisory Mechanism.
Indeed, against a decision-making body not completely in compliance with the
parameters of independence and impartiality, and with a sanctioning procedure that
mentions but does not guarantee the right to an oral hearing, the SSM Regulations
do not always provide for a full or unlimited judicial review to all the sanctions with
a substantial criminal nature imposable by the ECB.
This consideration holds true even though no less than three reviewing bodies
may be involved in the SSM supervisory sanctioning proceedings: National judicial
authorities, the Administrative Board of Review, and the Court of Justice.312
National courts may be addressed in two cases, one concerning investigative
measures, the other concerning sanctions. In the first case, as already anticipated,
the SSM Regulation does not require a prior judicial authorization, unless so
required at the national level.313 This feature has been already found by the court in
Strasrboug to be in compliance with the Convention in the field of competition law
on dawn raids in Delta Pekárny, as long as such a lacuna is balanced by an effective
ex post judicial review that covers both legality and merit.314 Whether judicial review
may be considered so in the SSM legal framework, however, appears dubious, at
least with regard to some of the ECB powers. According to Article 13 SSM R,
national judges may play a marginal role in the ex post judicial review of some SSM
investigating acts, as they are the only authorities directly involved in conferring
prior authorizations to on-site inspections carried out by the ECB, when such mea-
sures so requires under domestic law. This provision has been considered a “fair
compromise between the values involved, since it preserves the effectiveness of the
310
Cf., e.g., Chalkor v. Commission, Case C-386/10 P, § 54; KME and Others v. Commission, Case
C-272/09, 8.12.2011, ECLI:EU:C:2011:816, § 94; Europese Gemeenschap v Otis NV and Others,
Case C-199/11, § 59; Telefónica SA, Case C-295/12 P, § 54; Commission v Tetra Laval, Case
C-12/03 P, 15.02.2005, ECLI:EU:C:2005:87, § 39. Affirming the relevance of this case-law in the
ECB supervisory procedures Ligeti and Robinson (2017), p. 232.
311
Cf. KME Germany AG, KME France SAS and KME Italy SpA v European Commission, Case
C-272/09 P, 8.12.2011, ECLI:EU:C:2011:810. Cf. also Lenaerts et al (2014), p. 394; Lamandini
et al (2015), p. 87.
312
Cf. Ter Kuile et al. (2015), p. 182 et seq.
313
Cf. above, Sect. 4.4.3. and study there mentioned reporting that this occurs only in very few
cases in the Eurozone.
314
Delta Pekárny A.S. v Czech Republic, 2.10.2014, Application no. 97/11, §§ 87–91, concerning
on site-inspections in competition law; cf. also Neruda and Barinka (2015), 412. Cf. also Ste Colas
Est, 16.04.2002, Application no. 37971/97; Ravon, 21.02.2008, App. no 18497/03; Primagaz,
21.12.2010, Application no. 29613/08; Canal Plus, 21.12.2010, Application no. 29408/08; Vinci
Construction and o. v France, 2.04.2015, Application nos. 63629/10 and 60567/10.
ECB’s supervisory powers without prejudice to the protection of business premises

to the extent that it is recognized in the relevant national law”.315
Even in the rare cases where at the national level judicial control is required,
however, national authorities do not enjoy full reviewing powers over on-site inspec-
tions. That is because, under Article 13(2) SSM R, national judges are entrusted
only with the control over the proportionality of the measure adopted, exclusively in
order to assess whether the ECB decisions are arbitrary or excessive. They are how-
ever excluded from any review on the matter, that is, for instance, on the necessity
to enforce an on-site inspection with regard to the specific subjects involved, and on
the aims pursued—which remain under the sole discretion of the ECB.
In this sense, whilst national judges may ask the ECB for detailed explanations
relating to the grounds for suspecting that an infringement has occurred, to the seri-
ousness of the suspected infringement and to the nature of the involvement of the
person subject to the coercive measures, the same authorities are not entitled to
review any of these parameters, nor allowed to be shown the ECB’s files on the
matter.316
From one side, this allocation of competence appears in line with the margin of
appreciation recognized by the Court in Strasbourg in case of decisions to be taken
in areas in which discretion plays a relevant role.317
Such a relationship between national and European bodies also seems to mirror
the competition case-law of the Court of Justice established by Roquette Frères,
according to which “competent national court, when considering the matter, may
not substitute its own assessment of the need for the investigations ordered for that
of the Commission, the lawfulness of whose assessments of fact and law is subject
only to review by the Community judicature […] The review carried out by the
competent national court […] may not go beyond an examination, as required by
315
316
Similarly, in this sense, also the new supervisory powers conferred to ESMA with regard to
equity and lending crowdfunding activities, cf. Article 24(9) to (11), Commission Proposal for a
Regulation of the European Parliament and of the Council on European Crowdfunding Service
Providers (ECSP) for Business, Brussels, 8.3.2018 COM(2018) 113 final. Partially derogating to
this approach is instead another case concerning down raids and specifically inspections (Deutsche
Bahn AG and o., Case C‑583/13 P, 18.06.2015, ECLI:EU:C:2015:404, §§ 34–37). There the CJEU
argued that such a review carries out «an in-depth review of the law and of the facts on the basis of
the evidence adduced by the applicant», so as to satify both what required by Articles 7 and 8
ECHR, and Article 7 CFREU. The scope of such a review, however, did not extend as to the power
to return documents seized in the inspection or order the destruction of unlawfully seized material.
Such allocation of competence appears more demanding compared to the aforementioned ECtHR
case-law Delta Pekárny, as well as with other CJEU jurisprudence concerning dawn raids; cf.
Steene (2016), p. 185 et seq.; Di Federico (2013), p. 31; and Neruda and Barinka (2015), p. 413.
Relying more on the margin of appreciation doctrine, cf. e.g. Funke v. France, § 55; Camenzind v
Switzerland, 16.12.1997, Reports of Judgments and Decisions 1997-VIII, § 45; Société Colas Est
and others v France, 16.04.2002, Application no. 37971/97, §§ 47.
317
In this sense, see Funke v. France, § 55; Camenzind v Switzerland, 16.12.1997, Reports of
Judgments and Decisions 1997-VIII, § 45; Société Colas Est and others v France, 16.04.2002,
Application no. 37971/97, §§ 47.
Community law, to establish that the coercive measures in question are not arbitrary
and that they are proportionate to the subject-matter of the investigation. Such an
examination exhausts the jurisdiction of that court as regards the review of the jus-
tification of the coercive measures applied”.318
The second case in which national judges could be involved as a reviewing juris-
diction, even if not explicitly mentioned in the SSM Regulations, concerns the three
complex situations previously illustrated, in which the ECB enjoys some powers
under national law, at least to a certain extent: i) When the ECB exercises indirect
sanctioning powers under Article 18(5) SSM R, requiring the competent NCA to
proceed according to its national framework; ii) under Article 4(3) SSM R, when the
ECB is entitled to directly apply national law implementing EU directives or exer-
cising options and discretions; or iii) when the ECB applies supervisory measures
under Article 9 SSM R, instructing NCAs to make use of their powers, under and in
accordance with the conditions set out in national law.
These cases, as already argued,319 may result particularly sensitive in practice
since they involve national and Union authorities, that theoretically could both
claim competence to review the adopted measures. In this context, however, it is
possible to apply the case-law of the Court of Justice, mostly developed in the fields
of State aid and competition law, according to which the allocation of full reviewing
powers depends upon which authorities is entitled to exercise discretion in the
proceeding,320 that is, in the SSM context, on whether the ECB or the NCA are
granted discretion in imposing a certain measure.
In light of the reconstruction of the SSM sanctioning and supervisory powers
illustrated above,321 in case i) it could be affirmed (still in lack of CJEU decisions on
the matter directly applicable to the ECB), that the discretion in imposing sanctions
under Article 18(5) SSM R remains exclusively in the hands of the NCAs. The latter
have to start a proceeding after the ECB requests so, but are not bound by any obli-
gation as to result to be achieved. In this situation, therefore, national courts should
be the only authorities competent to adjudicate, with full jurisdiction, the sanctions
potentially imposed.322
Opposite conclusions, on the other side, shall be drawn for case ii), since there it
is the ECB which seems to retain substantial discretion in the application of the
318
Roquette Frères SA v Directeur général de la concurrence, de la consommation et de la répres-
sion des fraudes, and Commission of the European Communities, Case C-94/00, 22.10.2002,
ECLI:EU:C:2002:603, §§ 39–40. Cf. also Lamandini et al (2015), p. 73 et seq.
319
Cf. Sects. 4.4 and 4.4.1.
320
As discussed in Sect. 4.4.1. See also Stichting Woonlinie et al v Commission, Case C-133/12 P,
27.02.2014, ECLI:EU:C:2014:105, § 55 et seq.; NV International Fruit Company v Commission,
Cases 41-44/70, 13.05.1971, ECLI:EU:C:1971:53, §§ 25–26. For further analysis, see Arons
(2015), p. 445 et seq.
321
Cf. Sect. 4.4. Cf. also Voordeckers (2019).
322
In this sense, see Fernandez-Bollo (2015), p. 143.
measure(s): This situation hence follows under the jurisdiction of the Court of
Justice.323
Confirmation in this sense arrives from the 2018 joined cases concerning la
Caisse régionale de crédit agricole mutuel, in which the CJEU was called to decide
on an ECB decision based on Article 4(3) SSM R. The case concerned the applica-
tion, by the SSM, of French national law transposing provisions of CRD IV regard-
ing good governance of credit institutions (and in particular Article L. 511-13 of the
French Code monétaire et financier), which brought the ECB to oppose the appoint-
ment of a number of subject as ‘effective directors’, for violation of the rules requir-
ing a separation between the exercise of executive and non-executive functions
within a credit institution’s management body.
In assessing the case, the Court of Justice had therefore to interpret French
national law although, according to its settled case-law,324 taking into account “the
interpretation given to them by national courts”.325
Case iii), on the other side, remains an open issue. As will be argued below, in
fact, here the potential jurisdiction of the CJEU seems at the same time uncertain,
and harbinger of revolutionary changes to the role of the Court itself in the balance
of powers within Union.326
Against this background, anyway, at present national judicial authorities can be
considered a body with “full jurisdiction” as required by Articles 6 ECHR and 47
CFREU only for the case of Article 18(5) SSM R (if the Court of Justice will con-
firm that NCAs do retain discretion in their action in this context), of course assum-
ing that further limitations to the scope of the review granted before national
authorities are not provided for in national law.
On a different level, little contribution to the compliance of the SSM sanctioning
proceedings with the right to a full judicial review comes from the Administrative
Board of Review (ABoR).
As already illustrated, the nature of the Board itself is rather controversial, since
it presents a unique and hybrid model which has so far no comparison in other so-
323
In this sense, see also Allegrezza and Rodopoulos (2017), p. 245; see also Allegrezza and
Voordeckers (2015), p. 159; Arons (2015), p. 442.
324
Cf., e.g., Criminal proceedings against Rémy Schmit, Case C-240/95, 27.06.1996,
ECLI:EU:C:1996:259, § 14; European Commission v Slovak Republic, Case C-433/13, 16.09.2015,
ECLI:EU:C:2015:602, § 81.
325
Caisse régionale de crédit agricole mutuel Alpes Provence and Others v European Central
Bank, Joined Cases T-133/16 to T-136/16, 24.04.2018, ECLI:EU:T:2018:219, §§ 84-88. See
Lamandini (2015), p. 130 et seq., according to: “Another possibility would be to read the provi-
sions as meaning that, through the application of the ECB, national law becomes EU law. In such
case the CJEU would be entitled to make the authoritative interpretation, and could well answer
the preliminary reference without having to make the balancing act of all the superimposed layers
of competences. However, this would strain the express language of the provision, which refers to
“national law”; it would also put the CJEU in the extremely uncomfortable position of having to
determine the authoritative interpretation of domestic law, something that the Court was extremely
unlikely to do and careful in avoiding so far”.
326
See also above Sect. 4.4.1.
called “quasi-judicial” European reviewing bodies.327 Far from exercising an

“unlimited jurisdiction”, the Board may only express an opinion on the legitimacy
of the draft decision adopted by the Governing Council, without any competence to
question its merit unless manifestly wrong or disproportionate.328
In light of Article 47 CFREU, moreover, the ABoR cannot be identified as a
proper “tribunal” either. Indeed, contrary for instance to the ESAs Joint Board of
Appeal, whose decisions are binding for the Authority that issued the challenged
act,329 the ABoR does not have any legal decision-making power.
Following the Board’s review, the Supervisory Board has to submit a new draft
decision for the non-objection procedure, in which the opinion of the ABoR shall be
taken into account: That does not mean, however, that the Supervisory Board is in
any way bound to align the content of the new decision to the furnished opinion.330
Against this background, therefore, the current structuring of the Administrative
Board of Review is not capable to provide a remedy to comply with the “unlimited”
or “full judicial review” required under Articles 6 ECHR and 47 CFREU. Besides
for national courts, therefore, the only other “tribunal” which is conferred jurisdic-
tion in reviewing the lawfulness of the acts adopted by the ECB remains, according
to Articles 13 and 24(11) SSM R, the Court of Justice.331
The jurisdiction of the CJEU with regard to the Single Supervisory Mechanism,
however, appears critical under several perspectives. A first, more general issue,
already raised, concerns the scope of jurisdiction of the Court when it examines
measures adopted by the SSM under Article 4(3) or Article 9(1) SSM R in applica-
tion of national law.
In particular, the Court could be called to question national law both in case the
latter is wrongly applied by the ECB, or when its application, although correct at the
domestic level, results in contrast with EU law.332 In line with what already argued
concerning the possibility for an EU institution to apply national law,333 the case of
Article 4(3) SSM R appears less problematic in light of the balance of powers cur-
rently established in the EU. Indeed, even though reviewing national law generally
327
See above Sect. 4.4.3, leaving the ABoR’s structure open to possible reforms in the future, in
which the Board might be required either to reduce its action to internal advisory functions, or to
extend to an (at least more) judicial set-up. See also Brescia Morra (2016); Brescia Morra et al
(2017).
328
Idem.
329
Cf. Article 60(5) ESAs Regulations. Contrary to the ABoR, however, the ESAs Joint Board of
Appeal cannot rule on the merit of the assessment, as it may only “confirm the decision taken by
the competent body of the Authority, or remit the case to the competent body of the Authority”, cf.
Looseveld (2013a), p. 9. See above, Sect. 4.4.3. Cf. also Chirulli and De Lucia (2015).
330
Cf. Article 24(7) SSM R as discussed above in Sect. 4.4.3.
331
The CJEU jurisdiction is also provided for by Article 35 of the Statute of the European System
of Central Banks. On this point see also Looseveld (2013b), p. 425.
332
Cases identified by Magliari (2015), p. 1371 et seq. In the first case, in fact, a violation of
national law would represent a violation of Article 4(3) SSM R, therefore challengeable before the
ECJ according to Article 263 TFEU.
333
See above Sects. 4.4 and 4.4.1.
remains in the exclusive competence of national authorities, the possibility for a

supranational court to apply, and therefore interpret, domestic provisions is not
unprecedented in the European context.
Examples of it may be found for instance in patent law, where the Unified Patent
Court is authorized to apply national law, besides for EU law and relevant interna-
tional sources,334 and also in the same jurisdiction of the Court in Strasbourg, which,
in examining the compliance of domestic systems with the Convention, often has to
interpret the first before carrying out its assessment.
Similar cases already exist also with regard to the same CJEU: Here the refer-
ence goes to Article 272 TFUE, that allows the Court of Justice to apply national
law when deciding pursuant to an arbitration clause,335 and to the already mentioned
sector of trade marks protection.336
Indeed, according to Article 65(2) of Regulation 207/2009, decisions of the
Boards of Appeal concerning actions taken by the European Union Intellectual
Property Office (EUIPO) may be challenged before the CJEU on ground of “lack of
competence, infringement of an essential procedural requirement, infringement of
the Treaty, of this Regulation or of any rule of law relating to their application or
misuse of power”. Since, according to Article 53(2) of the same Regulation, national
law is among the sources of law which may be used to declare a trade mark invalid,
the interpretation and application of domestic law also fall under the scope of review
of the Court of Justice. Similar considerations could thus be referred also to the
ECB application of national law under Article 4(3) SSM R.
Much more critical, instead, appears the possibility for the CJEU to review
national legal acts adopted upon ECB instructions under Article 9(1) SSM R.
As already mentioned, in light of the case-law concerning “composite proceed-
ings”, the lack of discretion that (from the wording of Article 9) seems to character-
ize the action of national authorities, might indicate that also this case falls under the
jurisdiction of the Court of Justice.337 This approach, however, would cause the
CJEU to be competent also in reviewing legal acts issued (at least formally) by
national authorities, a power that so far remained under the exclusive competence of
national courts. Indeed, in the case of Article 4(3) SSM R, or in trademarks law, the
(already exceptional) CJEU jurisdiction over national law is determined by specific
references made to the latter in EU law.
From Article 9, however, a much more revolutionary principle may be deduced,
according to which the Court of Justice could be competent to review legal acts
issued by national authorities, as long as an EU institution may instruct national
authorities to act in its name, and the matter concerned falls within the competence
of the Union. This new model of review would radically challenge also the prelimi-
334
Cf. Article 24(1) let. e), Agreement on a Unified Patent Court (UPC Agreement) of 19.02.2013,
OJ EPO 2013, 287.
335
Cf. Kornezov (2016), p. 270.
336
See above Sects. 4.4 and 4.4.1.
337
Cf. International Business Machines Corporation v Commission of the European Communities,
Case 60/81, § 10, as discussed above in Sect. 4.4.1.
nary ruling mechanism, which founds one of raisons d’être precisely in the separa-
tion of jurisdiction between the Union and the national level. Whether the Court will
pursue this federally-oriented interpretation, and accept standing for decisions
adopted under Article 9(1) SSM R is hard to be foreseen at present, especially tak-
ing into account the political difficulties of the European integration process over
the last few years.
The judges in Luxembourg could perhaps avoid to state on the matter applying a
stricter interpretation of the Plaumann test,338 denying as such “direct” character
before the Court to the “concerns” of the individuals affected by a legal acts adopted
by a national authority following the ECB instructions, and therefore declaring the
inadmissibility of such actions to bring proceedings.
However, given the novelty of this provision, the issue remains presently open,
and it will be possible to fully understand how, and with which implications it could
be solved, only once the CJEU will start issuing decisions on the matter.
A second critical issue concerning the role of the Court of Justice as an authority
capable of providing a “remedy” to fair trial lacunas in the SSM sanctioning pro-
ceedings, regards the very scope of the CJEU jurisdiction. Indeed, as anticipated,
according to Article 261 TFEU, Regulations adopted by the Council (such as the
SSM Regulation) may confer unlimited jurisdiction to the Court upon the penalties
there included.
Currently, however, and contrary for instance to other comparable legislation,339
no such a provision may be found in the SSM Regulations, with the single exception
of Article 18(7) SSM R.
This provision recalls Regulation 2532/98, which at Article 5, actually estab-
lishes that—for final decisions whereby a sanction is imposed—full jurisdiction is
granted to the Court of Justice. Against this background, therefore, to date the CJEU
appears to be granted full jurisdiction only with regard to the cases recalled by
Article 18(7) SSM R, that is periodic pecuniary penalties and other pecuniary penal-
ties applied due to a violation of an ECB decision.
Without circumventing the wording of Article 18(5) SSM R, in fact, it seems
unlikely that Article 5 Regulation 2532/98 might be extensively applied also to the
other hypothesis of Article 18.340
338
See above, Sect. 6.3.2.
339
Cf., e.g., Regulation 1/2003 in antitrust proceedings, that will be examined at the end of the
paragraph. Unlimited jurisdiction for the CJEU may be found also in the Commission’s Proposal
to reform the ESAs (Brussels, 20.9.2017 COM(2017) 536 final 2017/0230 (COD) cit., and in
Article 33 of the Commission Proposal for a Regulation on Crowdfunding Service Providers, cit.,
according to which “The Court of Justice shall have unlimited jurisdiction to review decisions
whereby ESMA has imposed a fine or a periodic penalty payment or imposed any other sanction
or administrative measure in accordance with this Regulation. It may annul, reduce or increase the
fine or periodic penalty payment imposed”.
340
In this sense, it is worth recalling that the 2017 Commission’s Proposal to reform the ESAs
(Brussels, 20.9.2017 COM(2017) 536 final 2017/0230 (COD) cit.) provides for an explicit intro-
duction of the clause of CJEU unlimited jurisdiction.
In particular, Article 18(4) establishes that “The ECB shall apply this Article in
accordance with the acts referred to in the first subparagraph of Article 4(3) of this
Regulation, including the procedures contained in Regulation (EC) No 2532/98, as
appropriate”. As it has been pointed out, however, Article 5 Regulation 2532/98 “is
not strictly speaking a rule of procedure that ECB is bound to apply”.341
Indeed, the possibility that the choice of granting the CJEU full jurisdiction
could be (more or less implicitly) framed in “the procedures contained in Regulation
2532/98”, when the Treaty requires an explicit indication to achieve so, appears
uncertain,342 especially considering that this “unintended” consequence might have
great practical and political impacts both on the ECB and the CJEU workload.343
This conclusion seems to find confirmation also in Article 6 Regulation 2532/98,
according to which «in the event of a conflict between the provisions of this
Regulation and provisions of other Council Regulations [as it is the case of the SSM
R] enabling the ECB to impose sanctions, the provisions of the latter shall
prevail».
In light of the express request of Article 261 TFEU, it could be argued that the
silence of the SSM Regulation on the matter of unlimited jurisdiction to the CJEU
is able to cause a “conflict” between the two regulations when it comes to sanctions
imposed under Article 18(1) SSMR. A conflict which according to the aforemen-
tioned Article 6, shall be solved in favour the SSM R.344
In this sense, it is worth reminding that the extension of the Court’s competences
established by the Lisbon Treaty has already increased the workload of the CJEU,
raising multiple concerns about the capability of the Court to deal with a constantly
increasing number of pending cases in a reasonable time345—and these concerns
endure also after the last recent reform of September 2016, that brought to the aboli-
tion of the Civil Service Tribunal and to the hiring of new judges.346
341
342
Cf. Lamandini (2015), p. 137; Lamandini et al (2015), p. 91 et seq., defining this lack of explicit
full jurisdiction as a “subtle ‘courts unwelcome’ sign in the SSM framework”. Opting for a positive
answer Ligeti, Robinson (2017), p. 232.
343
Cf. Lamandini (2015), p. 137. Opting for a positive answer Ligeti and Robinson (2017), p. 232.
344
Cf. also Article 121 SSM FR, that seems to distinguish the relationship of the SSM FR with
Regulation 2532/98 for the purpose of applying sanctions under Article 18(1) and 18(7) SSM
R. Cf. also Lamandini et al. (2015), p. 92 highlighting how the ECB did not list among the conflicts
between the SSM rules and Reg. 2532/98 the issue of judicial review, see ECB Proposal for
amending Regulation (EC) No 2532/98 concerning the powers of the European Central Bank to
impose sanctions, OJ C 144/6 15 April 2014.
345
See, e.g., House of Lords (2013), following a first report in 2011 and still maintaining some
concerns about the capability of the new structure to deal with its workload. In 2016, the average
duration of review proceedings (direct action) was 19.3 months; of appeal proceedings was
12.9 months; of preliminary rulings proceedings was 15 months (2.7 in case of urgent procedures),
source: CJEU (2016), p. 100. Questioning the lack of specialisation in the criminal matter within
the CJEU, Manacorda (2013), p. 244.
346
See Regulation (EU, Euratom) 2015/2422 of 16.12.2015 amending Protocol No 3 on the Statute
of the Court of Justice of the European Union, and Regulation (EU, Euratom) 2016/1192 of
6.06.2016 on the transfer to the General Court of jurisdiction at first instance in disputes between
the European Union and its servants.
This is especially critical since it appears obvious that (if the Eurozone endures
too) litigations involving the ECB and specifically the SSM are intended to rapidly
increase.
In this sense, it should be enough to consider that, only in 2015–2019, several are
already the causes lodged before the CJEU and the number appears destined to
grow.347
In the first case of July 2017 (now final), the Irish bank Permanent tsb Group
Holdings plc was imposed pecuniary fines under Article 18(7) SSM R for an overall
amount of EUR 2.5 million for failure to comply with two ECB decisions imposing
specific liquidity requirements.348
In the second case, of August 2017, the Italian Banca Popolare di Vicenza S.p.A.
(currently wound up) was fined under Article 18(1) SSM R for an overall amount of
EUR 11.2 million for several breaches of the CRR prudential requirements.349 In
this specific case, the opportunity to examine the SSM sanctions under a criminal
law perspective seems to find a confirmation in the same ECB public announcement
of the decision, which highlighted how “although the banking license of Banca
Popolare di Vicenza S.p.A. in L.C.A was subsequently withdrawn, the penalties
imposed take into account the severity of the breaches and the degree of responsibil-
ity of the entity”—parameters which seems to closely mirror the two main Engel
criteria.350
In the third case, of 14 March 2018, Banco de Sabadell, S.A. was fined under
Article 18(1) SSM R for an amount of EUR 1.6 million for “continuous breach of
347
Among which: Landeskreditbank Baden-Württemberg - Förderbank v European Central Bank,
Case T-122/15; Caisse régionale de crédit agricole mutuel Alpes Provence and Others v European
Central Bank, Joined Cases T-133/16 to T-136/16; Crédit mutuel Arkéa v European Central Bank,
Case T-52/16, currently appealed before the Court in Crédit Mutuel Arkéa v ECB, Case C-153/18
P, 23.02.2018; Crédit mutuel Arkéa v European Central Bank, Case T-712/15, currently appealed
before the Court in Crédit mutuel Arkéa v ECB, Case C-152/18 P, 20.04.2018; and the following
pending [information not yet available]: Fursin and Others v ECB, Case T-247/16, Order
12.09.2017, Application of 8.07.2016, ECLI:EU:T:2017:623, currently appealed before the Court
in Case C-663/17 P, 24.11.2017 and in case Trasta Komercbanka AS, Ivan Fursin, Igors Buimisters,
C & R Invest SIA, Figon Co. Ltd, GCK Holding Netherlands BV, Rikam Holding SA v ECB, Case
C-669/17 P, 28.11.2017; Fursin and Others [former Trasta Komercbanka and Others] v ECB,
T-247/16 (Application of 08/07/2016) and T-698/16 (Application of 11/11/2016); Fininvest and
Berlusconi v ECB, Case T-913/16, of 10.02.2017; Comprojecto-Projectos e Construções, Lda and
Others v European Central Bank, Case T-22/16, Order of 9.03.2017, Application of 4.03.2016,
ECLI:EU:T:2017:172; Berlusconi and Fininvest, Case C-219/17, of 11.08.2017.
348
Cf. ECB, Imposition of administrative penalties on Permanent tsb Group Holdings plc,
13.07.2017 (published in August 2017). https://www.bankingsupervision.europa.eu/banking/sanc-
tions/shared/pdf/ssm.170828_publication_template.en.pdf. Accessed 17 July 2018.
349
In particular of Article 99(1)—referring to the own funds requirements of Article 92 CRR;
431 in connection with Article 437; and Article 395, cf. ECB, Imposition of administrative penal-
ties on Banca Popolare di Vicenza S.p.A. in liquidazione coatta amministrativa, 24.08.2017 (pub-
lished in September 2017). https://www.bankingsupervision.europa.eu/banking/sanctions/shared/
pdf/ssm.170911_publication_template.en.pdf. Accessed 17 July 2018.
350
ECB, Press release of 15.09.2017. https://www.bankingsupervision.europa.eu/press/pr/
date/2017/html/ssm.pr170915.en.html. Accessed 17 July 2018.
the own funds requirement”.351 This last decision was challenged by sanctioned
credit institution before the Court of Justice pursuant to Article 263 TFEU. In three
subsequent cases, of 16 July 2018, the ECB sanctioned CA Consumer Finance,
Crédit Agricole Corporate and Investment Bank, and Crédit Agricole, S.A also for
violations of own funds requirements. These decisions too were challenged before
the CJEU.
In December 2018, Novo Banco SA was fined by the ECB for “breaches of
reporting requirements” under Article 18(1) and then two times for violations of
ECB decisions under Article 18(7) SSM R.
Lastly (so far) in February 2019, Sberbank Europe AG was fined for “breaches
of the large exposure requirements” again under Article 18(1).352
It is possible, therefore, that in the next future the CJEU will have to take position
on the problem as to how far the legality review of Article 263 TFEU could be
stretched to tackle also profiles of merit (although for instance, in Banco de Sabadell
SA the main complaint concerned the lack of anonymization of the sanctions, while
the most critical aspect for the CJEU jurisdiction concerns instead the kind and the
amount of the penalty imposed).
A further and last hint of the limited nature of the jurisdiction of the CJEU in this
field seems to emerge also from the arguments expressed by the same Court in the
aforementioned cases Chalkor and Telefónica. It should in fact be reminded that the
CJEU considerations that the model of jurisdiction established under Article 263
TFEU allows the Court to “establish whether the evidence put forward is factually
accurate, reliable and consistent” and “determine whether that evidence contains all
the relevant data that must be taken into consideration”353 have all been made within
the specific matter of competition law. Antitrust Regulation No. 1/2003, which
under a different perspective provides for far less procedural guarantees than the
SSM Regulations, contrary to the latter however explicitly confers unlimited juris-
diction to the Court of Justice, as requested by the Article 261 TFEU.354
In lack of a correspondent provision in the SSM Regulations, and in light of
Recital (60) SSM R, according to which “pursuant to Article 263 TFEU, the CJEU
is to review the legality of acts of, inter alia, the ECB, other than recommendations
and opinions, intended to produce legal effects vis-à-vis third parties” (italics
added), the CJEU jurisdiction on the SSM decisions, appears confined to a narrower
interpretation of Article 263 TFEU, in which the merit of the sanction applied seems
hardly challengeable.
In the current wording of the SSM Regulations, therefore, the CJEU seems capa-
ble of nullifying a decision, even if containing a substantially criminal sanction,
only when it is manifestly wrong, which clearly does not constitute “full review” in
351
ECB, Imposition of administrative penalties on Banco de Sabadell, S.A., 14.03.2018 (published
in May 2018). https://www.bankingsupervision.europa.eu/press/pr/date/2018/html/ssm.pr180508.
en.html. Accessed 17 July 2018.
352
For reference and a complete and update list of sanctions imposed, see https://www.bankingsu-
pervision.europa.eu/banking/sanctions/html/index.en.html.
353
Cf., e.g., Telefónica SA, Case C-295/12 P, § 54.
354
Cf. Recital (33) and Article 31, Regulation 1/2003.
the sense of the Convention. In this sense, in fact, it seems irrelevant that the Court
could, in line with the approach chosen in competition law, self-restrict its scope of
review for particularly complex technical matters: What is relevant, for the compli-
ance with Article 6 ECHR is indeed the possibility for a judicial body to quash also
the merit of a decision (which, under the SSM Regulation, does not seem to cover
sanctions under Article 18(1) SSM R), and not the circumstance that such a review
is concretely carried out in the specific case.
Conferring the CJEU full jurisdiction through a legislative amendment to the
SSM Regulations appears therefore increasingly necessary and urgent, if the sanc-
tioning bodies and proceedings are maintaining the internal administrative struc-
ture, and the Engel case-law keeps holding also in the EU (not to mention if the EU
accesses the ECHR).355 The worst scenario, in fact, could see each and every sanc-
tion imposed by the SSM, even with the best reasons on the merit, being invalidated
due to procedural violations of fair trial rights that cannot be remedied before a
judge granted with powers of full judicial review.356
6.3.4 Right of Legal Assistance and Right to a Public Hearing
Two other fundamental fair trial rights, already applicable also to administrative
proceedings in light of the Charter, result also relevant in the SSM sanctioning pro-
cedure, that is the right to assistance, and the right to a public hearing.
According to Article 47(3) CFREU, everyone whose rights and freedoms guar-
anteed by the law of the Union are violated has the right to be “advised, defended
and represented”. In its application to the criminal matter, this right refers more
specifically to “legal” assistance, and is further detailed by Article 6(3)(c) ECHR,
and by Directive 2013/48/EU which implemented most of the ECtHR case-law. The
scope of the directive, however, refers (at least formally) only to the criminal matter
stricto sensu, and therefore has no explicit application to the matter of banking
supervision.357
355
Of this opinion, e.g., Arons (2015), p. 474; Ter Kuile et al. (2015), p. 183.
356
In this sense, it is worth reminding that one of the key issues that brought to the decision of non-
compliance of the proceedings before the Commission bancaire with Article 6 ECHR was pre-
cisely the absence of full jurisdiction in the judicial review then established for imposed supervisory
sanctions, cf. Dubus S.A. v France, §§ 65–71.
357
Directive 2013/48/EU of 22.10.2013 on the right of access to a lawyer in criminal proceedings
and in European arrest warrant proceedings, and on the right to have a third party informed upon
deprivation of liberty and to communicate with third persons and with consular authorities while
deprived of liberty, Official Journal of the European Union, L 294/1. Highlighting how the
Directive missed an opportunity in not extending its scope also to the administrative punitive mat-
ter, in light with the Engel case-law, Centamore (2016), p. 6.
The right to legal assistance plays a fundamental role to ensure that all other fair
trial rights are correctly applied, and to protect the accused against abusive coercion
on the part of the authorities.358
As recognized by the Court in Strasbourg, as well as by Directive 2013/48, in
criminal proceedings the right to legal assistance applies in favour of suspects from
the time when they are made aware by the competent authorities, by official notifi-
cation or otherwise, that they are suspected or accused of having committed a crimi-
nal offence, that is to say, also in pre-trial phases.359
Article 6(3)(c) ECHR, moreover, requires legal assistance to be “practical and
effective”, meaning that counselling conditions shall concretely allow the defendant
to enjoy this right without undue delay.360 Nonetheless, the right to legal assistance
is not considered absolute by the ECtHR case-law.
According to the test developed in Salduz, and in the following case-law (as well
as in Directive 2013/48, although not equally transposed by Member States361),
compliance with Article 6 ECHR shall be assessed on the basis of a double test, to
determine: (a) Whether there were “compelling reasons” to restrict access to legal
assistance; and (b) whether, even when a restriction on access to legal advice was
justified by compelling reasons, the admission of a statement made in lack of legal
358
Salduz v. Turkey, 27.11.2008, Application no. 36391/02, §§ 53-54; Ibrahim and others v. The
UK, 16.12.2014, Applications nos. 50541/08, 50571/08, 50573/08 and 40351/09 (hereinafter
“Ibrahim 2014”), § 192. On this line, Trechsel (2005), p. 245 (calling them “the Technical Aspect”
of the right to defence); with regard to the EU legal framework, Mosna (2017), p. 963; Symeonidou-
Kastanidou (2015), p. 69; Ðurðević (2016), p. 19 et seq.; Granner and Raschauer (2014), p. 676.
359
Cf., e.g., Salduz v. Turkey, § 50; Öcalan v Turkey, 12.05.2005, Application no. 46221/99, §§
131-135; Dayanan v Turkey, 13.10.2009, Application no. 7377/03, §§ 30-31; Imbroscia v
Switzerland, 24.11.1993, Application no. 13972/88, § 36; Campbell and Fell v the United Kingdom,
§ 99; Goddi v Italy, 9.04.1984, Application no. 8966/80, § 31. See also Article 2, Directive 2013/48,
and Trechsel (2005), p. 282 et seq.
360
Cf. Artico v Italy, 13.05.1980, Application no. 6694/74, § 33. Sayers (2014), p. 1340 et seq.;
Mosna (2017), p. 965; Trechsel (2005), p. 286 which assesses the issue of quality of defence.
The crucial debate about the waivers to the right of legal assistance, both in the ECtHR case-
law and in Directive 2013/48/EU of 22.10.2013, on the right of access to a lawyer in criminal
proceedings and in European arrest warrant proceedings, and on the right to have a third party
informed upon deprivation of liberty and to communicate with third persons and with consular
authorities while deprived of liberty, which represents a fundamental issue in criminal proceed-
ings, is not analysed in this work, as it does not appear relevant for the SSM sanctioning proceed-
ings; for a recollection of the legal debate on the matter however, see, among others, Tomkin
(2014), pp. 1377–1378; Centamore (2016); Mosna (2017), p. 965 et seq. The conditions from
which the right to legal assistance attached represent a fundamental critical problem in the defini-
tion of this right; however this profile does not raise special problems in the field of banking super-
vision. For an analysis of the critical issues related to it in criminal proceedings, especially with
regard to the suspect’s questioning when the defendant is deprived of its personal freedom, see,
among others, Mosna (2017), p. 967 et seq.; Tomkin (2014), pp. 1377–1378; Bubula (2013).
361
As acknowledged by both legal scholars (see, e.g. Anagnostopoulos (2014), p. 4 et seq.; Cape
and Hodgson (2014), pp. 462 and 476), and by the same Court in Strasbourg (A.T. v Luxembourg,
9.04.2015, Application no. 30460/13).
assistance would cause such an undue prejudice to the applicant, so as to undermine

the fairness of the proceedings as a whole.362
In the context of the SSM sanctioning proceedings, the right of legal assistance
is not provided for by the SSM Regulation (issued by the Council), that refers only
in general to “due process” rights, but in the SSM Framework Regulation, which is
a subordinated piece of legislation issued by the same ECB. There, this right is
established for all ECB supervisory procedures363 by Article 27 SSM FR. In case an
oral hearing is called by the Investigating Unit, the right is also provided for by
Article 126(3) SSM FR. In any case, legal assistance in ensured by the SSM FR
only to “parties” to the ECB supervisory procedures which, according to Article 26
SSM FR, do not seem to include all the subjects that may be interviewed by the
ECB (such as staff or representatives of the supervised entities, listed in Article 11
SSM R).
The relevance of this lacuna in assessing the fairness of the SSM sanctioning
proceedings shall not be underestimated; however, it should also be recalled that,
most of CRR violations which may be directly sanctioned by the ECB under Article
18(1) SSM R are “quantitative”, rather than “qualitative” breaches (such as irregu-
larities in liquidity, or capital buffer requirements). It is therefore reasonable to sup-
pose, that most evidence that will be needed to prove such infringements would be
represented by documents, rather than by oral testimony.
Moreover, natural persons which are interviewed by the ECB cannot in any case
become the target of a punitive proceeding in the SSM context, given the limitations
of supervisory sanctioning powers only against legal entities.364 Nonetheless, in
case their conduct could constitute suspicion of a crime (such as obstruction of
supervisory functions) these subjects may be held liable under national law.
According to Article 136 SSM FR, the ECB is indeed under a duty to refer suspects
of criminal activities to the competent NCA.365
The last fair trial right analysed here among those applicable both to criminal and
“purely” administrative proceedings, is the right to a public hearing. The rights
provided for by Article 47 CFREU and Article 6(1) ECHR, where, as mentioned
above, it is strictly linked with the right to an oral hearing.
A public hearing is a fundamental guarantee for the defendant, as it prevents to
deal litigations away from public scrutiny, therefore increasing the control over the
respects of fundamental rights, and contributing to maintain public confidence in
362
Cf. Salduz v Turkey, § 50; John Murray v The UK, 28.10.1994, Application no. 18731/91, § 63;
for a more recent application, in which the right was limited in the context of anti-terrorism inves-
tigations, see Ibrahim 2014, §§191 et seq. Among the many academic comments on the issue see,
e.g., Mosna (2017), p. 964; Trechsel (2005), p. 345; Tomkin (2014), pp. 1377–1378. Limitations
to the right of access to a lawyer are provided for also by Article 3 of Directive 2013/48. Critical
on these provisions Anagnostopoulos (2014), p. 12 et seq.; Symeonidou-Kastanidou (2015), p. 76
et seq.; Mosna (2017), p. 968 et seq.
363
Cf. Article 2(24) SSM FR; see also, however, Lamandini et al (2015), p. 75 et seq.
364
365
Cf. above, Sect. 6.1.3, and below, Sect. 6.3.6. See also Sect. 4.4.3.
the administration of justice.366 Derogations to the right to hold a public hearing are
however most common in administrative proceedings.
This includes the Single Supervisory Mechanism, as the SSM Framework
Regulation explicitly states that oral hearings, when they are set, “shall not be held
in public”.367
According to the ECtHR, a first remedy to such deficiency in the administrative
punitive matter is represented by the existence of the right to full judicial review
before a body granted with unlimited jurisdiction, in the terms described above.368
In this case, however, the lack of full judicial review for all types of SSM puni-
tive sanctions seems to bear consequences less severe than those foreseen for other
fair trial rights. Indeed, neither under the CJEU, nor under the ECtHR case-law on
criminal matter, the right to a public hearing is considered absolute,369 and deroga-
tions can be allowed in specific circumstances—mostly listed in Article 6(1)
ECHR—as long as they represent a proportionate response to pressing needs of a
democratic society.370
Among the reasons that justify not to hold a public hearing, particularly signifi-
cant for supervisory procedures is that jurisprudence of the ECtHR according to
which the open and public nature of proceedings may be limited in order to protect
particularly sensitive interests, such as morals, public order or national security in a
democratic society, or to the extent strictly necessary in the opinion of the court in
special circumstances where publicity would prejudice the interests of justice.371
Under this perspective, even though the “mere presence of classified information
in the case file does not automatically imply a need to close a trial to the public”,372
the extreme sensitiveness of the information dealt with by the ECB for the stability
of the whole European financial market, which are involved also in SSM sanction-
ing proceedings, might justify the need not to hold public hearings. This right, in
366
Cf. Pretto and Others v Italy, 8.12.1983, Application no. 7984/77, § 21.
367
Cf. Articles 24(2) and 126(3) SSM FR. Similarly also in Antitrust proceedings, see European
Commission (2012), p. 7/11—Right to be heard (3.2 at 32), according to which “The oral hearing
is not public”.
368
See before, Sect. 6.3.3. Cf. also Diennet v France, 26.09.1995, Application no. 18160/91, § 34;
Riepan v Austria, § 39.
369
Critical on the reasoning of the ECtHR in defending the value of this rights, Trechsel (2005),
p. 121, which underlines that “visitors are the exception, not the rule”, in judicial proceedings, and
that the assumption that if the public is represented “this will contribute to the fairness of the pro-
ceedings is somewhat naive”.
370
Taking inspiration from the limitations provided for by Articles 8-11 ECHR, see, e.g. Roman
Zakharov v. Russia, 4.12.2015, Application no. 47143/06, § 228 et seq.; see also Campbell and Fell
v the United Kingdom, § 86. For a detailed analysis of the ECtHR case-law on the exceptions and
limitations to this right, see Trechsel (2005), pp. 129–131; Harris et al. (2014), p. 433 et seq.
371
Such as the safety or privacy of witnesses or to promote the free exchange of information and
opinion in the pursuit of justice, cf. B. and P. v. the United Kingdom, 24.04.2001, Applications nos.
36337/97 and 35974/97, § 37. See also Riepan v Austria, § 27; Krestovskiy v Russia, 28.10.2010,
Application no. 14040/03, §24; Sutter v Switzerland, 22.02.1984, Application no. 8209/78, § 26;
Jussila v. Finland, §§ 41–43.
372
Belashev v. Russia, 4.12.2008, Application no. 28617/03, § 83; Welke and Białek v. Poland,
1.03.2011, Application no. 15924/05, § 77.
addition, may be also waived by the interested persons, as long as that occurs in an
unequivocal manner, and there is no important public interests to the contrary.373 In
this sense, it has been pointed out by legal scholars that the right to a public hearing
often does not represent a right for the accused—for whom, avoiding publicity
might frequently be an advantage—but rather an institutional guarantee, to be read
together with the right to freedom of expression set out in Article 10 ECHR.374
In the ECB supervisory proceedings, therefore, the non-public nature of oral
hearings does not seem to represent a critical issue neither for the rights of the par-
ties involved (which in supervisory matters could actually prefer hearings to be
private), nor for the fairness and efficiency of the SSM decisions, which should not
bear significant consequences in case hearing are not hold in public.
6.3.5 The Privilege Against Self-Incrimination
The assessment over the compliance of the SSM procedural safeguards with fair
trial rights appears instead especially critical with regard to the right not to incrimi-
nate oneself.
The privilege is already “one of the most complex guarantees in the entire body
of fundamental rights”375 in the context of criminal proceedings stricto sensu, due to
the difficulty in precisely defining the boundaries of this safeguard.
Even more so, in administrative proceedings re-classified as matière a coloration
pénale, the privilege against self-incrimination perhaps represents the right whose
application results most critical, in light of the traditional structure of administrative
investigations, and the procedural rights there provided.
In this context, the imputability of the privilege not only to the defence rights,376
but also to the presumption of innocence—underlined both at the academic level,377
by the case-law of the Court of Strasbourg,378 and clearly affirmed in Directive
373
Cf., e.g., Hakansson and Sturesson v Sweden, 21.02.1990, Application no. 11855/85, § 66;
Schuler-Zgraggen v Switzerland, 24.06.1993, Application no. 14518/89, § 58; Pauger v Austria,
28.05.1997, Application no. 16717/90, § 58.
374
Cf. Trechsel (2005), pp. 121–123.
375
Cf., e.g., Telfner v Austria, 20.03.2001, Application no. 33501/96, § 15; John Murray v. the UK,
08.02.1996, Application no. 18731/91, § 54; Melo Tadeu v Portugal, 23.10.2014, Application no.
27785/10, § 60; Vassilios Stavropoulos v Greece, 27.09.2007, Application no. 35522/04, § 39;
Barberà, Messegué and Jabardo,§ 77; Poletan e Azirovik v. Macedonia,12.05.2016, Application
nos. 26711/07, 32786/10 e 34278/10, § 64; Grande Stevens,§ 159.
376
See, e.g., Viering (2006), p. 626; Grevi (1972), p. 49 et seq.
377
See, among others, Trechsel (2005), p. 166; Nehl (2014), p. 1277 et seq.; Sayers (2014), p. 1303
et seq.; Illuminati (1979), p. 191 et seq.; Chenal and Tamietti (2012), p. 222 et seq.; Balsamo
(2015), p. 134 et seq. The inclusion of the privilege within the presumption of innocence is not
universally shared in the EU legal context see, e.g., Stumer (2010); Allegrezza (2017), p. 952;
Balsamo (2015), pp. 131–134.
378
Cf., e.g., Saunders v the UK, 17.12.1996, Application no. 19187/91, § 68; O’Donnell v the UK,
7.07.2015, Application no. 16667/10, concurring opinion of Judge Wojtyczek, § 3; Heaney and
2016/343 on the strengthening of certain aspects of the presumption of inno-

cence379—appears especially significant.
Since its very first wordings, in fact, the presumption of innocence has played an
essential role in ensuring that punitive proceedings comply with the principle of
human dignity and with the other fundamental rights of the parties potentially
affected.380
Such relevance, currently enshrined by most international legal sources dealing
with human rights protection,381 does not however always find an explicit and equiv-
alent recognition in all the domestic legal systems.382 This circumstance brought to
rather diverging results in different legal contexts.
In the US, for instance, where it is not covered by a specific Constitutional provi-
sion, the presumption faced a drastic downsizing of its scope in the last century,
passing—especially after the 1979 Supreme Court decision Bell v. Wolfish383—from
a fundamental bulwark of the individual’s rights against State abuses to a mere evi-
dentiary rule with generally no application to pre-trial proceedings.384
On the contrary, even before the entry into force of the Lisbon Treaty, several EU
Member States lacking an explicit indication of the presumption at the constitu-
tional level, have nonetheless been conferring it a constitutional relevance, and had
it play a fundamental role in safeguarding suspects and defendants.385
McGuinness v Ireland, 21.12.2000, Application no. 34720/97, § 40; Quinn v. Ireland, 21.12.2000,
Application no. 36887/97, § 40.
379
Cf. Recital (25) and Article 7. For the first general comments on the Directive see, e.g., Sayers
(2015); Cras and Erbežnik (2016), p. 25 et seq.; Lamberigts (2016a), p. 36 et seq.; Lamberigts
(2016b); Camaldo (2016); Canestrini (2016), p. 2224 et seq.; Lippke (2016). Cf. also Commission
Green Paper of 26 April 2006 on the presumption of innocence, COM (2006) 174 final.
380
For a reconstruction of the origin of the principle since ancient times, with a special focus on the
French and Anglo-American legal systems, see Quintard-Morénas (2010), pp. 107–149. See also
Helmholz et al. (1997); Baughman (2011); O’Boyle (2000), p. 1021.
381
Cf., e.g., Article 11(1) of the Universal Declaration of Human Rights of 1948; Article 14(2) of
the International Covenant on Civil and Political Rights of 16.12.1966; Principle 36, of the UN
Body of Principles for the Protection of All Persons under Any Form of Detention or Imprisonment;
Human Rights Committee, General Comment on Article 14: Communication No 770/1997, Gridin
v Russian Federation, § 3.5. and 8.3.
382
Cf. Lupária (2017), pp. 919–920.
383
Bell v. Wolfish, 441 U.S. 520, 545 (1979). In a public statement following his dissenting opinion,
Justice Marshall concluded that with this decision, “the Supreme Court decided the presumption
didn’t exist at all”, cf. Goldstein (1979), while traditionally the presumption of innocence was
granted a fundamental rule of common law systems (see, e.g., In re Winship, 397 U.S. 358, 1970).
384
In this sense, Quintard-Morénas (2010), p. 141 et seq., highlighting how “Thirty years after Bell
v. Wolfish, the distinction between accused persons and convicted offenders has become stagger-
ingly blurred in the United States” (p. 147).
385
This is, for instance, as reported by Lupária (2017), p. 919, the case of Germany (Weigend 2014,
p. 286 et seq.; Bohlander 2012, p. 21 et seq.), and Belgium (Caterini 2015, p. 24 et seq.; Paulesu
2009, p. 7 et seq.). Similar consideration, although highly debated, has been recognized in Italy
too, where Article 27(2) of the Constitution makes explicit reference not to the presumption of
innocence but to the right not to be considered guilty until the conviction is definitive (Gialuz 2008,
p. 273 et seq.; Dominioni 1991, p. 194 et seq). Supporting the deductibility of the presumption of
innocence from Article 27(2) of the Italian Constitution, e.g., Garofoli (1998), p. 1195 et seq.;
Illuminati (1979), p. 28 et seq.; Paulesu (2009), p. 57 et seq.; interpreting Article 27(1) more as a
Against this background, in 2012 the Court of Justice recognized the presump-
tion of innocence as “a feature of the constitutional traditions common to the
Member States”.386 The relevant role (at least if compared to the American system)
played by the presumption in many EU Member States, however, did not entail a
shared and transnational understanding of its notion, which continued, and continue
to highly vary from State to State according to the specific legal tradition.
In this framework, extremely relevant was then the explicit introduction of the
presumption in Article 48(1) of the Charter, which states that “Everyone who has
been charged shall be presumed innocent until proved guilty according to law”.
Thanks to the equivalence clause of Article 52(3) CFREU, this provision has the
same content of Article 6(2) ECHR, according to which “Everyone charged with a
criminal offence shall be presumed innocent until proved guilty according to law”.387
Compared to Article 6 ECHR, however, the wording of Article 48(1) CFREU—
although repeatedly challenged during the negotiations that brought to the establish-
ment of the Charter388—maintains a “neutral” connotation with regard to its subject
matter (“charged” vs “charged with a criminal offence”).
Thanks to it, at least for part of its content, the scope of this provision in the cur-
rent case-law is not strictly confined to the criminal matter. As already mentioned in
fact, although never admitting a substantial criminal nature to competition fines, the
CJEU had, even before the entry into force of the Charter, recognized the need to
apply the implications of the presumption of innocence with regard to rules on
adducing evidence in competition law proceedings ending up with sanctions char-
acterized by a certain “nature and degree of severity”.389
Application of the presumption of innocence in the Union legal framework,
moreover, has been raised also in other fields of EU law with a certain kinship with
the criminal matter, such as in administrative measures adopted in the fight against
terrorism.390 Compliance with different aspects of the presumption are also explic-
mere presumption of no guilt, instead, Amato (1967), p. 379 et seq.; Grevi (1976), p. 39 et seq. For
a more neutral, or restrictive interpretation of the principle deductable from the Constitution, see
Ferrua (2015), p. 52; Marzaduri (2010), p. 308 et seq.
386
Criminal proceedings against Marcello Costa and Ugo Cifone, Joined Cases C-72/10 and
C-77/10, 16.02.2012, ECLI:EU:C:2012:80, § 86.
387
As explicitly stated also under Article 48 in the Explanation relating to the Charter of
Fundamental Rights, cit.; see also Draft Charter of Fundamental Rights of the European Union,
Note from the Praesidium, Brussels, 11.10.2000 (18.10) CHARTE 4473/00 CONVENT 49.
388
For the numerous proposal to amend Article 48 during the negotiations see Draft Charter of
Fundamental Rights of the European Union, Note from the Praesidium, Brussels, 25.05.2000
CHARTE 4332/00 CONVENT 35, and in particular Amendments no. 164 (Michael O’Kennedy)
and no. 167 (Piero Melograni) proposing the following wording “Everyone who has been charged
with a criminal offence shall be presumed innocent until proved guilty according to law”.
389
Hüls v Commission, Case C-199/92, § 150; Montecatini v Commission, Case C-235/92 P, §§
175–176; Groupe Danone v Commission, Case T-38/02, §§ 215–216; Romana Tabacchi Srl v
European Commission, Case T-11/06, §§ 129. See also above, Sect. 6.2.
390
Cf. Jose Maria Sison v Council of the European Union, Case C-266/05 P, 1.02.2007,
ECLI:EU:C:2007:75, §§ 92-96, where the applicant indicated a violation of the presumption of
innocence in the limitation of his right of access to documents which had led the Council to adopt
itly required by the procedural rules applicable in OLAF administrative investiga-

tions.391 In light of the above, to date two profiles of the presumption of innocence
(rules on adducing proofs, and rules on treatment) are considered applicable to all
fields of law where sanctions are applied, including “purely” administrative
proceedings.392
So far, on the contrary, there are still no CJEU decisions specifically concerning
the third aspect of the presumption, that is the privilege against self-incrimination,
which traditionally was recognized only in criminal proceedings stricto sensu.393
In this sense, the interpretation of the broad wording of Article 48(1) CFREU
shall today also take into account Directive 2016/343, which under several aspects,
as will be further discussed, does not seem to meet the expectations of those who
invoke the need to provide a high standard of protection for such fundamental prin-
ciple in the EU.
In dealing with the compliance of the SSM sanctioning proceedings with fair
trial rights, the present analysis focuses therefore mainly on the privilege against
self-incrimination, as this is the most controversial profile in administrative punitive
contexts. The two other main aspects of the presumption of innocence, although
both applicable to the context of banking supervision, result instead less relevant or
problematic in light of the current European case-law.
As recognized by both the CJEU and in the ECtHR, applying the presumption of
innocence brings, first of all, relevant consequences to the rules on adducing proofs,
and especially on the standard, and on the burden of proof.394 Under this profile, the
presumption requires decision-making bodies to match the “beyond any reasonable
doubt test” in order to apply a sanction.
According to the CJEU, that reaffirms the standards already established under
Article 6(2) ECHR as interpreted by the judges in Strasbourg,395 a court cannot
establish the existence of an infringement “to the requisite legal standard if it still
entertains any doubts on that point, in particular in proceedings for annulment of a
decision imposing a fine”. Therefore, “any doubt in the mind of the Court must
a series of specific restrictive measures directed against certain persons and entities with a view to
combating terrorism. The Court declared this ground of appeal inadmissible, and therefore did not
ruled on the application of the presumption in the specific case. See also Nehl (2014), p. 1278.
391
Cf. Article 9(1), Regulation No 883/2013, according to which “In its investigations the Office
shall seek evidence for and against the person concerned. Investigations shall be conducted objec-
tively and impartially and in accordance with the principle of the presumption of innocence and
with the procedural guarantees set out in this Article”.
392
Cf. Lupária (2017), p. 917, and pp. 940–941; Nehl (2014), p. 1280.
393
The Court has only just recently started to deal with the presumption of innocence ex Article 48
CFREU as such outside the field of competition law, see, e.g., Criminal proceedings against Emil
Milev, Case C-439/16 PPU, 27.10.2016, ECLI:EU:C:2016:818.
394
Cf. Ubertis (2017), p. 227 et seq.
395
Cf., e.g., Barberà, Messegué and Jabardo v. Spain, 6.12.1988, Application no. 10590/83, § 77;
Cleve v. Germany, 15.01.2015, Application no. 48144/09, § 52, according to which the principle
“in dubio pro reo” “constitutes a specific expression of the presumption of innocence”.
operate to the advantage of the undertaking to which the decision finding an infringe-
ment was addressed”.396
Strictly related with this aspect, the presumption of innocence imposes an alloca-
tion of the burden of proof, according to which risks of facts remaining unresolved
or allegations unproven must benefit the person under investigations. This content
of the presumption was affirmed by both European Courts. In particular, the Court
in Strasbourg repeatedly stated how Article 6(2) ECHR is not only requiring the
tribunal to impartially examine the defendant (avoiding to consider him or her guilty
for the mere fact of being suspected),397 but also that “the burden of proof is on the
prosecution, and any doubt should benefit the accused […] Thus, the presumption
of innocence will be infringed where the burden of proof is shifted from the prose-
cution to the defence”.398
This application of the presumption has been recognized by the Court of Justice
especially with regard to competition proceedings.399 Such case-law has been also
integrated in Regulation No. 1/2003, according to which to date “the burden of
proving an infringement of Article 81(1) or of Article 82 of the Treaty shall rest on
the party or the authority alleging the infringement”.400
The reference to both standard and burden of proof under the presumption of
innocence is only partially enshrined in Directive 2016/343. The latter, indeed, at
Article 6 explicitly refers to the burden of proof, literally transposing into EU law
its notion as developed by the European Courts.401
396
Dresdner Bank AG and Others v Commission, Joined cases T-44/02 OP, T-54/02 OP, T-56/02
OP, T-60/02 OP and T-61/02 OP, 27.09.2006, ECLI:EU:T:2006:271, § 60; see also, among others,
Toshiba Corp. v Commission, Case T-104/13, 9.09.2015, ECLI:EU:T:2015:610, § 50; Panasonic e
MT Picture Display Co. Ltd v Commission, T-82/13, 9.09.2015, ECLI:EU:T:2015:612, § 7;
Telefónica e Telefónica de España v. Commission, Case T-336/07, 29.03.2012, ECLI:EU:T:2012:172,
§§ 67-72 and case-law there mentioned (hereinafter “Telefónica (2012)”); Franchet and Byk v.
Commission, Case T-48/05, 8.07.2008, ECLI:EU:T:2008:257, § 310; Toshiba Corp. v. Commission,
Case T-519/09, 21.05.2014, ECLI:EU:T:2014:263, § 36. See also Nehl (2014), p. 1284 et seq.;
Illuminati (1979), p. 164 et seq.
397
Cf. Trechsel (2005), p. 164 et seq.
398
Cf., e.g., Telfner v Austria, 20.03.2001, Application no. 33501/96, § 15; John Murray v. the UK,
28.10.1994, Application no. 18731/91, § 54; Melo Tadeu v Portugal, 23.10.2014, Application no.
27785/10, § 60; Vassilios Stavropoulos v Greece, 27.09.2007, Application no. 35522/04, § 39;
Barberà, Messegué and Jabardo, § 77; Poletan e Azirovik v. Macedonia, 12.05.2016, Application
nos. 26711/07, 32786/10 e 34278/10, § 64; Grande Stevens, § 159.
399
Cf., e.g., Baustahlgewebe GmbH v Commission of the European Communities, Case C-185/95
P, 17.12.1998, ECLI:EU:C:1998:608, § 58; Telefónica (2012), § 67; GlaxoSmithKline Services
Unlimited and o. v Commission of the European Communities and o., Joined cases C-501/06 P,
C-513/06 P, C-515/06 P and C-519/06 P, 6.10.2009, ECLI:EU:C:2009:610, §§ 82–83. For an
application of presumption in another field (protection of specimens) see Criminal proceedings
against Tomasz Rubach, Case C-344/08, 16.07.2009, ECLI:EU:C:2009:482, §§ 31–34.
400
Article 2, Regulation No. 1/2003; see also Recital (5) Regulation No. 1/2003. On the issue, see
also Castillo De La Torre (2009), p. 521 et seq.; Melícias (2012), p. 473 et seq.
401
“1. Member States shall ensure that the burden of proof for establishing the guilt of suspects and
accused persons is on the prosecution. This shall be without prejudice to any obligation on the
judge or the competent court to seek both inculpatory and exculpatory evidence, and to the right of
A specific reference to the presumption as a standard of proof, on the contrary,

cannot be found in the final text of the Directive, whereas the initial provision of
Article 5(3), as proposed by the Commission, was explicitly stating that “Member
States shall ensure that where the trial court makes an assessment as to the guilt of
a suspect or accused person and there is reasonable doubt as to the guilt of that per-
son, the person concerned shall be acquitted”.402
According to all the legal sources mentioned so far, the rule posed by the pre-
sumption of innocence with regard to the burden of proof is not considered absolute,
and may therefore bear exceptions.
In particular the Court in Strasbourg famously affirmed in Salabiaku v France,
and in the following case-law, that Article 6(2) ECHR, although does not “regard
presumptions of fact or of law provided for in the criminal law with indifference”
does not prohibit in principle presumptions in malam partem, as long as they have
a relative, and not absolute nature (or, in the words of the Court, as long as they are
not irrebuttable403). The Convention, “does, however, require the Contracting States
to remain within certain limits in this respect as regards criminal law”, taking into
account “the importance of what is at stake”, and “the rights of the defence”.404
Similar approach has been adopted quite literally by the Court of Justice, accord-
ing to which “a presumption, even where it is difficult to rebut, remains within
acceptable limits so long as it is proportionate to the legitimate aim pursued, it is
possible to adduce evidence to the contrary and the rights of the defence are
safeguarded”.405 This jurisprudence found a specific application in competition
the defence to submit evidence in accordance with the applicable national law. 2. Member States
shall ensure that any doubt as to the question of guilt is to benefit the suspect or accused person,
including where the court assesses whether the person concerned should be acquitted”.
402
Cf. Proposal for a Directive of the European Parliament and of the Council on the strengthening
of certain aspects of the presumption of innocence and of the right to be present at trial in criminal
proceedings, Bruxelles, 27.11.2013 COM(2013) 821 final; see also Presidency note, Brussels,
13538/14, 30.09.2014.
403
Salabiaku v France, 7.10.1988, Application no. 10519/83, § 28. See also Vos v. France,
5.12.2006, Application no. 10039/03; Radio France and others v France, 30.03.2004, Application
no. 53984/00, § 24; Pham Hoang v. France, 25.09.1992, Application no. 13191/87, § 36. On this
issue, see also Abbadessa (2011), p. 381 et seq; Chiavario (2001), p. 218.
404
Salabiaku v France, § 28. On the point, see also Blum v Austria, 3.02.2005, Application no.
31655/02, § 27; Weh v Austria, 8.04.2004, Application no. 38544/97, § 46; Navalnyy and Ofitserov
v. Russia, 23.02.2016, Application nos. 46632/13 and 28671/14, § 98; Västberga Taxi Aktiebolag
and Vulic v. Sweden, 23.07.2002, Application no. 36985/97, § 113; Phillips v UK, 5.07.2001,
Application no. 41087/98, § 40, and, among legal scholars, Castillo De La Torre (2009), p. 513;
Abbadessa (2011), p. 381 et seq.; Caterini (2015), p. 36 et seq.
405
Cf., e.g., Elf Aquitaine SA v European Commission, Case C-521/09 P, 29.09.2011,
ECLI:EU:C:2011:620, § 62, (with reference to Spector, § 43–44).
law,406 where several presumptions exist which consent to infer the existence of
antitrust breaches committed by undertakings.407
The compatibility of presumptions with Article 48(1) CFREU has been recently
affirmed also by Directive 2016/343 which, at Recital (22), states that the presump-
tion of innocence is not as such prejudiced by “the use of presumptions of fact or
law concerning the criminal liability of a suspect or accused person”, if they are
“rebuttable”, “used only where the rights of the defence are respected”, and “con-
fined within reasonable limits, taking into account the importance of what is at stake
and maintaining the rights of the defence, and the means employed should be rea-
sonably proportionate to the legitimate aim pursued”.408
The second profile of the presumption of innocence relatively less critical for the
SSM sanctioning proceedings concerns rules on treatment establishing that a sus-
pect or an accused person shall not be presented as guilty neither within nor outside
the proceeding, as long as s/he has not been proved guilty according to law (e.g. in
public announcements, press release, or in statements by police of the judiciary).409
406
Cf., e.g., ThyssenKrupp Liften Ascenseurs NV and others v. Commission, Joined cases T-144/07,
T-147/07, T-148/07, T-149/07, T-150/07 e T-154/07, 13.07.2011, ECLI:EU:T:2011:364, § 114;
Spector, § 44; Opinion of Advocate General Kokott, delivered on 4.06.2009, in TMobile
Netherlands and o., Case C-8/08, 4.06.2009, ECLI:EU:C: 2009:343, § 93.
407
See, among others, the possibility to deduce anti-competitive consent from the participation in
a cartel meeting (e.g. Commission of the European Communities v Anic Partecipazioni SpA, Case
C-49/92 P, 8.07.1999, ECLI:EU:C:1999:356, §§ 83-87); the existence of dominant position in
market share above 50% (e.g. AKZO Chemie BV v Commission of the European Communities,
Case C-62/86, 3.07.1991, ECLI:EU:C:1991:286, § 60), or the control over subsidiary on the mar-
ket from the 100% ownership of its parent company (e.g. Akzo Nobel NV and Others v Commission
of the European Communities, Case C-97/08 P, 10.09.2009, ECLI:EU:C:2009:536, §§ 60–63; see
also Bronckers and Vallery (2011), pp. 547–557. For more cases, see Nehl (2014),
pp. 1285–1286.
408
The provision appears in line with point 2.3 of the Green paper on the presumption of
innocence.
409
Cf. Recitals (16) to (19) Directive 2016/343. Among legal scholars, see e.g. Lamberigts (2016b);
Lupária (2017), pp. 927–936; Trechsel (2005), p. 164; Ubertis (2017), p. 232 et seq. A main field
of application of these rules in criminal proceedings concerns the delicate issue of pre-trial mea-
sures, which however is not relevant to sanctioning proceedings carried out in banking supervision,
cf. especially requiring to treat inmates awaiting for trial, or whose sentence is not final yet, differ-
ently from convicted ones, for instance establishing different rules and spaces in the detention
structures, see e.g., Article 10 of the International Covenant on Civil and Political Rights of
16.12.1966; Green paper on the presumption of innocence, § 2 and 2.2; Green Paper on the appli-
cation of EU criminal justice legislation in the field of detention (COM (2011) 327 def.), § 4;
Resolution of the European Parliament of 15 December 2011 on detention conditions in the EU
2011/2897/RSP. In this sense, also Fahas v Council, Case T-49/07, 7.12.2010, ECLI:EU:T:2010:499,
§ 64; El Morabit v Council, Joined cases T-37/07 and T-323/07, 2.09.2009, ECLI:EU:T:2009:296,
§ 40. Contra, in these terms, Trechsel (2005), p. 181 et seq., ECtHR, Peers v. Greece, 19.04.2001,
Application no. 28524/95, § 78; Jiga v. Romania, 16.03.2010, Application no. 14352/04, § 100,
although “il convient toutefois de s’assurer que les mesures prises à l’égard des détenus à titre
provisoire ne sont pas de nature à porter atteinte au principe de la présomption d’innocence”;
Iwańczuk v. Poland, 15.11.2001, Application no. 25196/94, § 53. Another important application of
the presumption in this field concerns the prohibition to keep the defendant with handcuffs or jail
uniform during the trial hearing cf., e.g., ECtHR, Jiga v. Romania, § 103, and Samoilă and Cionca
This issue has been addressed by both European Courts, as well as by Directive
2016/343.
The ECtHR, in particular, in line with other pieces of soft-legislation issued by
the Council of Europe,410 repeatedly ruled on this subject, affirming how the pre-
sumption of innocence “serves mainly to guarantee the rights of the defence and at
the same time helps to preserve the honour and dignity of the accused”.411
While, according to a certain interpretation, the moment in which this profile of
the presumption attaches shall be left to the applicable national law,412 the ECtHR
has partially limited the margin of appreciation of national authorities, requiring for
instance that the presumption shall continue to apply also in appeal proceedings
following a conviction, although already enforceable.413
According to the Court, in any case, Article 6(2) ECHR “by no means” prevents
“the authorities from informing the public about the criminal conviction concerned,
nor prevent discussion of the subject by the media or the general public […]
Nonetheless, such reference should be made with all the discretion and restraint
which respect for the presumption of innocence demands”.414
When media are involved, moreover, the presumption of innocence needs to be
balanced with the right to freedom of expression, protected by Article 10 ECHR,
since Article 6(2) ECHR cannot “prevent the authorities from informing the public
about criminal investigations in progress, but it requires that they do so with all the
discretion and circumspection necessary if the presumption of innocence is to be
respected”.415
This interpretation of the presumption of innocence as a rule of treatment is mir-
rored by Article 4 of Directive 2016/343, according to which “Member States shall
v. Romania, 4.03.2008, Application no. 33065/03, §§ 98-101. See also Article 5(1) and Recitals
(20)-(21) Directive 2016/343.
410
Cf. CoE Recommendation Rec (2003) 13 on the Provision of Information through the Media,
Principles 1 and 2; Guidelines on human rights and the fight against terrorism adopted by the
Committee of Ministers on 11.07.2002.
411
Konstas v Greece, 24.05.2011, Application no. 53466/07, § 32; Pandy v. Belgium, 21.09.2006,
Application no. 13583/02, § 43; Karaman v. Germany, 27.02.2014, Application no. 17103/10, §
63; Poncelet v. Belgium, 30.03.2010, Application no. 44418/07, § 51; Allenet de Ribemont v.
France, 10.02.1995, Application no. 15175/89, § 35; Minelli v Switzerland, 25.03.1983, Application
no. 8660/79, § 37. Daktaras v. Lithuania, 10.10.2000, Application no. 42095/98, § 43; Konstas v
Greece, § 33; Adolf v. Austria, 26.03.1982, Application no. 8269/78, §§ 36–41.
412
In this sense, Illuminati (1991), p. 22 et seq. On the topic, see also Paulesu (2009), p. 82 et seq.
El Kaada v. Germany, 12.11.2015, Application no. 2130/10, § 54; Iwańczuk v. Poland, § 53;
Sekanina v. Austria, 25 August 1993, Application no. 13126/87, § 30; Rushiti v. Austria, 21.03.2000,
Appication no. 28389/95, § 31.
413
See, Trechsel (2005), p. 163 et seq., and, e.g., Konstas v. Greece, § 36; Perica Oreb v. Croatia,
31.10.2013, Application no. 20824/09, § 146; Iwańczuk v. Poland, § 53.
414
Konstas v. Greece, § 34; Peša v. Croatia, 8.04.2010, Application no. 40523/08, § 139.
415
ECtHR, Y.B. and others v. Turkey, 28.10.2004, Application nos. 48173/99 and 48319/99, § 48;
Allenet de Ribemont v. France, § 38; ECJ, Franchet and Byk v. Commission, § 212. See also
Recommendation Rec (2003) 13 of the Committee of Ministers to member states on the provision
of information through the media in relation to criminal proceedings.
take the necessary measures to ensure that, for as long as a suspect or an accused
person has not been proved guilty according to law, public statements made by pub-
lic authorities, and judicial decisions, other than those on guilt, do not refer to that
person as being guilty”, without that being an obstacle in preventing “public author-
ities from publicly disseminating information on the criminal proceedings where
strictly necessary for reasons relating to the criminal investigation or to the public
interest”.416
According to Article 2 of the Directive, the scope of this provision, similarly to
the other profiles of the presumption of innocence, shall cover “all stages of the
criminal proceedings, from the moment when a person is suspected or accused of
having committed a criminal offence, or an alleged criminal offence, until the deci-
sion on the final determination of whether that person has committed the criminal
offence concerned has become definitive”. In dealing with these rules on treatment
under EU law, particularly interesting for the analysis of the SSM sanctioning pow-
ers—still lacking decisions on the matter directly concerning Directive 2016/343417—
is especially that CJEU case-law concerning the relationship between the
presumption of innocence and the publication of decisions imposing penalties to
undertakings in breach of competition law.418
Indeed, as already mentioned, both Article 68 CRD IV/V, Article 18(6) SSM R
and Article 1a(3) Regulation 2532/98 establish for decisions applying penalties to
be published.419
Restating its previous jurisprudence on the applicability of the presumption to
the procedures against infringements of competition law that may result in the
imposition of fines or periodic penalty payments,420 the Court in Pergan Hilfsstoffe
(2007) found that, until guilt has been established according to law, the presumption
“precludes any formal finding and even any allusion to the liability of an accused
person for a particular infringement”, and any findings shall “in principle, be
regarded as confidential as regards the public, and therefore as being of the kind
covered by the obligation of professional secrecy” in order to safeguard the “reputa-
416
Recital (17) of the Directive indicates ‘public statements made by public authorities’ should be
understood broadly as covering all authorities involved in criminal proceedings, such as “judicial
authorities, police and other law enforcement authorities, […] ministers and other public
officials”.
417
For the most recent cases, see the already mentioned Criminal proceedings against Emil Milev,
Case C-439/16 PPU, which however was issued after the approval of the Directive but before the
expiration of the deadline for the transposition at national level.
418
Cf. Nehl (2014), p. 1283 et seq. See, e.g., Franchet and Byk v. Commission, § 210; Nanopoulos
v. Commission, Case F-30/08, 11.05.2010, ECLI:EU:F:2010:43, § 185; Nikolaou v. European
Court of Auditors, Case C-220/13 P, 10.07.2014, ECLI:EU:C:2014:2057, § 34 et seq.
419
Cf. above, Sects. 4.3 and 4.4.2. The issue with regard to Article 18(6) SSM R is raised in
Allegrezza and Voordeckers (2015), p. 158.
420
Cf., e.g., Hüls v Commission, Case C-199/92, § 150; JFE Engineering and others v Commission,
Joined Cases T-67/00, T-68/00, T-71/00 and T-78/00, 8.07.2004, ECLI:EU:T:2004:221, § 178;
Sumitomo Chemical and Sumika Fine Chemicals v Commission, Joined cases C-403/04 P and
C-405/04 P, 25.01.2007, ECLI:EU:C:2007:52, §§ 104–105; BASF v Commission, Case T-15/02,
15.03.2006, ECLI:EU:T:2006:74, § 604.
tion and dignity of the person concerned as that person has not been finally found
guilty of an infringement”.
According to the same case-law, “the guilt of a person accused of an infringe-
ment is established definitively only where the decision finding that infringement
has acquired the force of res judicata, which implies either the absence of an appeal
against that decision by the person concerned […] or, after such an appeal, the
definitive closure of the contentious proceedings, in particular, by a judicial deci-
sion confirming the lawfulness of that decision”. Before that moment, “there is
therefore no public interest in publishing the disputed information that is capable of
prevailing over the applicants legitimate interest in having such information
protected”.421
Similar precautions find application also in other fields of EU law, for instance in
the protection of the financial interests of the Union, and in particular during OLAF
investigations. In that regard, the CJEU ruled that the presumption of innocence
confers rights on suspected individuals “in so far as they are entitled to expect that
the investigations concerning them will be conducted in a manner that respects their
fundamental rights”, which would be seriously violated in case the Office would
“named them publicly—including by the leaks in the press—as guilty of a number
of criminal offences”.422
In light of the above, the sanction provided for by Article 68 CRD IV/V does not
seem to raise particular problems against the presumption of innocence, since pub-
lication duties concern only administrative penalties for CRD IV/V or CRR
breaches, against which there is no appeal, or the latter is no longer available.
In case Member States would opt to extend the publication duty also to decisions
which may still be appealed, moreover, the communication shall include informa-
tion on the appeal status and outcome thereof. Therefore, it appears that CRD IV/V
on the matter remains in line with the case-law of the European Courts, and the
applicable legal framework.
Similar conclusions may be drawn also with regard to Article 18(6) SSM R and
Article 1a(3) Regulation 2532/98 which do not explicitly require a decision to be
final before making its publication compulsory (although, if the decision has been
appealed, that status and its outcome should also be published).
Indeed, SSM Regulations require that in cases where the publication including
information on the type and nature of the breach and the identity of the supervised
entity concerned would either (a) jeopardise the stability of the financial markets or
an on-going criminal investigation; or (b) cause, insofar as it can be determined,
disproportionate damage to the supervised entity concerned, the decision to be pub-
lished shall be anonymised.
421
Pergan Hilfsstoffe für industrielle Prozesse GmbH v Commission, Case T-474/04, 12.10.2007,
ECLI:EU:T:2007:306, §§ 75–77 and 80. See also Volkswagen AG v Commission, Case T-62/98,
6.07.2000, ECLI:EU:T:2000:180, § 281.
422
Yves Franchet and Daniel Byk v Commission of the European Communities, Case T-48/05,
8.07.2008, ECLI:EU:T:2008:257, § 215.
Alternatively, if such circumstances are likely to cease within a reasonable period

of time, publication may simply be postponed (Article 132 SSM FR). Such sanc-
tions remained also bound by the “conditions set out in relevant Union law”, and
therefore also the case-law interpreting the latter.
Against this background, the practice, so far carried out by the ECB, to publish
penalties imposed upon credit institutions only after the expiration of the terms to
ask for a review before the ABoR, or at the end of this internal reviewing procedure,
and (if that is the case), with a clear statement concerning the possibility for them to
be still challenged before the Court of Justice, seems to be in compliance with the
precautions imposed by both European Courts to safeguard the reputation and dig-
nity of the persons involved in the proceedings.
Much more critical considerations shall be drawn, instead, with regard to the
presumption of innocence meant as the privilege against self-incrimination, accord-
ing to which suspects and accused persons have the right to remain silent, and not
to incriminate themselves in relation to the charges they are suspected or accused of
having committed.
In line with the approach followed by the Court in Strasbourg and by Directive
2016/343, the expression “privilege against self-incrimination” is here understood
to include only the “right to silence”, and not also,423 the right of the defendant not
to state the truth before a request of public authorities. Indeed, in the field of bank-
ing supervision, it does not seem appropriate, on the other side, to extend also the
right to lie before public authorities to the production of documents, as the possibil-
ity to produce false documents would definitely undermine any system of public
trust.
Contrary to the other aspects of the presumption of innocence, the privilege is
not expressly mentioned in the European Convention on Human Rights. It however
finds its legal basis in paragraph 1 of Article 6 ECHR, together with the other fair
trial rights, with whom it is strictly related.
Especially evident is the link with the rights of legal assistance, which is the
basic condition to effectively invoke all other procedural rights,424 and with the right
423
See, e.g., Grevi (1972), pp. 2–4, and 47 et seq.; Illuminati (1979), p. 193. Contra Trechsel
(2005), p. 342, according to which these two guarantees “must be seen as being represented by two
partly overlapping circles”. However, differentiating in fact the scopes of the two expressions
according to their reference to verbal or non-verbal expressions (such as documents), or on the fact
that they cover all statements, or only those detrimental to the person concerned, seems a classifi-
cation hardly applicable into practice, and a solution leaving the way open to possible restriction
to the safeguarding impact of the principle. See e.g., Saunders v the UK, § 71: “the right not to
incriminate oneself cannot reasonably be confined to statements of admission of wrongdoing or to
remarks which are directly incriminating. Testimony obtained under compulsion which appears on
its face to be of a non-incriminating nature-such as exculpatory remarks or mere information on
questions of fact-may later be deployed in criminal proceedings in support of the prosecution case,
for example to contradict or cast doubt upon other statements of the accused or evidence given by
him during the trial or to otherwise undermine his credibility. Where the credibility of an accused
must be assessed by a jury the use of such testimony may be especially harmful”.
424
See, e.g., Illuminati (1979), p. 192.
to information, which requires suspects to be promptly warned also of their right to

remain silent.425
According to the ECtHR case-law, the privilege does not directly belong to the
presumption of innocence. However, the privilege not only lies “at the heart of the
notion of a fair procedure under Article 6 ECHR”, avoiding that the accused is sub-
ject to “improper compulsion by the authorities” and contributing in reducing mis-
carriages of justice,426 but, as repeatedly affirmed since the notorious decision
Saunders v UK, it is also “is closely linked to the presumption of innocence con-
tained in Article 6 para. 2 of the Convention (art. 6-2)”.427
At the EU level, even if also the Charter does not make any express reference to
it, the privilege against self-incrimination is instead considered covered by the pre-
sumption of innocence. A confirmation in this sense comes also from Directive
2016/343.
Article 7 of the Directive, indeed, puts the right to remain silent within the scope
of the presumption of innocence, and grounds its legal basis in Article 48(1)
CFREU.428 However, at least in its current interpretation, the objective and subjec-
tive scope of the privilege under the Directive does not coincide with that recognized
by the Court in Strasbourg, with differences extremely relevant when it comes to
analyse the application of this right to the matter of punitive banking supervision.
Under an objective perspective, and despite the “neutral” and broad wording of
Article 48, in fact, it remains controversial whether the privilege may find applica-
tion outside the criminal matter stricto sensu, and in particular to administrative
punitive contexts.429 In truth, recognizing, the application of the privilege to the
administrative matters (also with regard to banking supervision) results especially
critical, as it risks nullifying the very reporting mechanism employed by administra-
tive independent authorities, that is the duty of supervised entities to report and
provide the requested information, to their supervisors and the existence of forms of
liability in case of non-compliance.
Nonetheless, according to the ECtHR case-law, if a substantial criminal nature is
to be recognized in application of the Engel criteria, all rights established by Article
6(1) ECHR shall apply from the moment criminal charges are formulated against
425
Cf. also Article 3(1) let. e), and Article 4(2), Directive 2012/13/EU on the right to information
in criminal proceedings, to which Recital (32) of Directive 2016/343 refers to (directly to Article
4, indirectly to Article 3). Critical on this inclusion, since “it is not easy to imagine a case which
could give the Court in Strasbourg the opportunity to find a violation of the right to a fair trial due
to the absence of a proper warning”, Trechsel (2005), p. 352.
426
Ibrahim 2016, § 266; see also Gäfgen v. Germany, 1.06.2010, Application no. 22978/05, § 168;
John Murray v The UK, § 45; Jalloh v. Germany, 11.07.2006, Application no. 54810/00, § 100; and
Bykov v Russia, 10.03.2009, Application no. 4378/02, § 92.
427
Saunders v the UK, § 71; O’Donnell v the UK, concurring opinion of Judge Wojtyczek, § 3;
Heaney and McGuinness v Ireland, § 40; Quinn v. Ireland, § 40.
428
Cf. Recital (1), Directive 2016/343.
429
Drastically contrary to this option Trechsel (2005), p. 349 according to which “There can be no
doubt that the privilege does not apply outwith the criminal law-a fact evidenced by the very term
self-incrimination”; contra Veenbrink (2015), p. 120 et seq. See also Scarparone (1995).
the accused, thus including also pre-trial phases.430 No exclusion of the privilege
from the punitive administrative matter finds therefore grounds in the ECtHR case-
law, at least with regard to the right to remain silent. Similar conclusions should be
drawn also with regard to the EU legal framework.
Indeed, Article 2 of the Directive establishes that the privilege applies to “sus-
pects or accused persons in criminal proceedings”, and Recital (11) specifies that it
“should not apply to civil proceedings or to administrative proceedings, including
where the latter can lead to sanctions, such as proceedings relating to competition,
trade, financial services, road traffic, tax or tax surcharges, and investigations by
administrative authorities in relation to such proceedings”. While this provision
seems to deny the application of the Engel case-law to the matter, the Recital then
continues affirming, not without some contradictions, that the Directive shall how-
ever apply to “criminal proceedings as interpreted by the Court of Justice of the
European Union without prejudice to the case-law of the European Court of Human
Rights”, which seems to bring Engel back on the field.
A similar limitation to the scope of the privilege, in any case, besides for raising
concerns for the coherence of the interpretation of fundamental rights in the EU,
does not find legal basis in the neutral wording of Article 48 (1) CFREU (which
refers to “everyone who has been charged”, and not specifically to defendants).
And, it worth recalling, the provisions of the Directive are hierarchically subordi-
nated to the principles of the Charter.
Relevant differences of approaches between the ECtHR and Directive 2016/343
may be found also analysing the privilege under a subjective point of view, that is
with regard to the subjects who may invoke it.
Indeed, as already mentioned, the Court in Strasbourg has generally not differen-
tiated the application of fair trial rights between natural and legal persons, although
it has not explicitly ruled on the application of the right to remain silent to legal
persons as yet.431
A similar interpretation should be attached also to Article 48 CFREU, whose
wording does not differentiate between natural and legal persons (“everyone”).432
This would be coherent as well with, the application of the other profiles of the
presumption of innocence (standard and burden of proof, and rule on treatment) to
legal entities, which has been so far undisputedly admitted by the Court of Justice.433
Against this background, however, the Directive explicitly excludes all the rights
related to the presumption of innocence with regard to legal persons. According to
Article 2, in fact, this piece of legislation applies to “natural persons who are sus-
430
See, e.g., Ibrahim and others v. The UK, 13.09.2016, Applications nos. 50541/08, 50571/08,
50573/08 and 40351/09 (hereinafter “Ibrahim 2016”), § 249.
431
See e.g., Menarini Diagnostics v Italy, § 44, and above, Sect. 6.2. At the academic level see
Lamberigts (2016a), p. 36 et seq.; Oliver (2015), p. 685; Van Kempen (2011), p. 373.
432
On this opinion also Nehl (2014), p. 1282; Allegrezza (2017), p. 950. See also O’Connel (2006).
433
Cf., recently, Eturas and others v Lietuvos Respublikos konkurencijos taryba, Case C-74/14,
21.01.2016, ECLI:EU:C:2016:42, § 38.
pects or accused persons in criminal proceedings”.434 Recitals (13) and (14) further
specify that the “Directive acknowledges the different needs and levels of protection
of certain aspects of the presumption of innocence as regards natural and legal per-
sons” and that “at the current stage of development of national law and of case-law
at national and Union level, it is premature to legislate at Union level on the pre-
sumption of innocence with regard to legal persons. This Directive should not,
therefore, apply to legal persons”.
With another ambiguous clause, Recital (14) then affirms that “This should be
without prejudice to the application of the presumption of innocence as laid down,
in particular, in the ECHR and as interpreted by the European Court of Human
Rights and by the Court of Justice, to legal persons”. In light of the above, Recital
(15) concludes that “the presumption of innocence with regard to legal persons
should be ensured by the existing legislative safeguards and case-law, the evolution
of which is to determine whether there is a need for Union action”.
This exclusion raises several doubts if looked from a systematic perspective,
both within and outside the EU legal framework.
From an external perspective, as increasingly observed by legal scholars,435 this
interpretation appears to contrast with the case-law of the Court in Strasbourg, set-
ting a lower level of protection in the EU for legal persons. This result should be
barred by Article 52(3) CFREU, which requires a standards at least as high as those
granted by the Convention.436
From an internal perspective, the exclusion appears first in contrast to the other
procedural directives adopted in light of the Stockholm Roadmap for strengthening
procedural rights in criminal proceedings, in which no explicit restriction has been
established according to the type of subject they refer to.437
Moreover, excluding legal persons not only from the privilege against self-
incrimination, but also from all the other profiles of the presumption of innocence
434
During the negotiations, the European Parliament tried to broaden the scope of the Directive
also to include legal persons, but the attempt failed, see Amendments no. 9, 10, 39, in European
Parliament, I Report on the proposal for a directive of the European Parliament and of the Council
on the strengthening of certain aspects of the presumption of innocence and of the right to be pres-
ent at trial in criminal proceedings (COM(2013)0821—C7-0427/2013—2013/0407(COD))
Committee on Civil Liberties, Justice and Home Affairs (Rapporteur: Nathalie Griesbeck),
A8-0133/2015, 20 April 2015. http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//
TEXT+REPORT+A8-2015-0133+0+DOC+XML+V0//EN. Accessed 20 July 2018.
435
Calzado and De Stefano (2012), pp. 423–427; Van Overbeek (1994), pp. 127–133; Willis
(2001), pp. 313–321; Belluta (2018), pp. 72–77; Veenbrink (2015), p. 128 et seq.
436
“In so far as this Charter contains rights which correspond to rights guaranteed by the Convention
for the Protection of Human Rights and Fundamental Freedoms, the meaning and scope of those
rights shall be the same as those laid down by the said Convention. This provision shall not prevent
Union law providing more extensive protection”.
437
Resolution of the Council of 30.11.2009 on a Roadmap for strengthening procedural rights of
suspected or accused persons in criminal proceedings (better known as the “Stockholm
Programme”), O.J. C 295, 4.12.2009, p. 1; on the point see Lamberigts (2016a), p. 36. On a general
brief recollection of the measures derived from the Programme see Sayers (2014),
pp. 1311–1312.
appears to contrast with both the wording of Article 48(1) CFREU (which, again,
does not contain any specific reference in this sense), and with the consolidated
jurisprudence of the CJEU. The latter indeed actually developed its case-law on the
matter in competition law where most undertakings are precisely legal persons.438
In this respect, finally, the reference of Recital (14) to the fact that “the Court of
Justice has, however, recognised that the rights flowing from the presumption of
innocence do not accrue to legal persons in the same way as they do to natural per-
sons”, used in the Directive as a justification to exclude legal persons from its scope,
needs to be carefully put into context. Indeed, it is true that the Court (before the
entry into force of the Lisbon Treaty, and, again, mostly in competition law) has
recognized the applicability of the presumption of innocence to undertakings only
with some limitations, arguing that the acknowledgement of the existence of a
broader right “would go beyond what is necessary in order to preserve the rights of
defence of undertakings, and would constitute an unjustified hindrance with the
Commission’s performance of its duty”.439
In this sense, however, it should first be reminded that even if there is not a clear
definition of “undertaking” under antitrust law, the notion is commonly referred not
only to legal, but also to natural persons or group of persons. Therefore, it is not
possible to conclude that the restrictive approach developed by the CJEU derives
from the need to differentiate between natural and legal persons.440
In any case, even the consideration that the level of protection might not be the
same for natural and legal persons does not per se imply that the latter should be
excluded completely from its scope. For instance, the right to be silent has never
been recognized as absolute for natural persons by the ECtHR, but this was never
used as an argument to exclude natural persons from the scope of the privilege.
Moreover, the cases of the CJEU to which the Directive refers to in Recital (14)
mostly concern competition law, which is a field that so far has never been recog-
nized by the Court as substantive criminal matter.441 It is not clear, therefore, as
highlighted by some scholars, how limitations in non-criminal fields of law may be
used as a model to define the standard of protection for defendant in criminal
proceedings.442
The limited scope of the Directive also seems to contrast with other policy indi-
cations coming from the EU, which in several legal acts strongly encouraged and
promoted the establishment of forms of liability towards legal persons responsible
438
Cf. Eturas and others v Lietuvos Respublikos konkurencijos taryba, Case C-74/14.
439
Commission of the European Communities v SGL Carbon AG, Case C-301/04 P, 29.06.2006,
ECLI:EU:C:2006:432, § 402; Mannesmannröhren-Werke v Commission, Case T-112/98,
20.02.2001, ECLI:EU:T:2001:61, §§ 66 and 67. See also Nehl (2014), p. 1293.
440
Jones (2012), pp. 301–331.
441
See above, Sect. 6.2. Of this opinion, for instance, Nehl (2014), p. 1294 according to which the
Court of Justice could even adopt a higher standard of protection, “as long as the ECtHR does not
expressly extend the scope of protection under Article 6 of the ECHR to legal persons in competi-
tion proceedings”.
442
Lamberigts (2016a), p. 37.
of having committed crimes.443 For instance, the 2017 Directive for the protection
of the financial interests of the EU (PIF Directive)444 or the 2014 Market Abuse
Directive and Regulation445 require to include legal persons among the subjects
which may be prosecuted and sanctioned for criminal behaviours: Against this
background, the choice of the same EU legislator to completely deprive the same
subjects from one of the core rights of fair trial is, at the very least, contradictory.
The exclusion of legal persons from the scope of the Directive appears even less
justifiable taking into account that, for natural persons, the level of protection pur-
sued by this legal text is already very “minimal”, and an extension to legal entities,
as already pointed out in the academic debate, would not have probably been much
more than a statement of principle.446 In fact, as anticipated, nowhere in the Directive,
(on this in line with the Court in Strasbourg)447 the right not to incriminate oneself
is established as an absolute right.
Limitations to the privilege invokable by natural persons may be found, first of
all, with regard to the type of information that the proceeding authority is requiring
to provide, and especially to the difference between oral statements and documents.
Indeed, while the first are usually covered by the privilege, a much stricter interpre-
tation is applied with regard to documents.
The case-law of the Court in Strasbourg concerning this profile is especially
ambiguous. In a number of cases, starting from the 1993 landmark decision Funke
v France, the Court recognized that requesting the accused to give evidence at his
own trial, through the production of pre-existing documents from which evidence
emerges of the offences allegedly committed, may be considered as a violation of
the privilege against self-incrimination. In particular, the ECtHR recognised a viola-
tion in the use of production orders aimed at obtaining documents which the inves-
tigating authorities believed must exist, although without being certain about it:
“Being unable or unwilling to procure them by some other means, they attempted to
compel the applicant himself to provide the evidence of offences he had allegedly
committed”.448
443
Cf. Sect. 2.2.
444
Cf. Article 2, Directive 2017/1371 (“PIF”).
445
Article 8, Directive 2014/57/EU on criminal sanctions for market abuse, and Article 3(1), no. 13,
Regulation (EU) No 596/2014.
446
Lamberigts (2016a), p. 40, who notices also that none of the really critical profiles concerning
the application of the right to remain silent to legal persons is addressed by the Directive, such as
“the definition of persons who may exercise this right on behalf of the legal person. Is it limited to
a very select group of employees or officials of the legal person, or can it be invoked on behalf of
the legal person by a broad circle of individuals? Member States could have answered this question
restrictively, thereby limiting the impact of the Directive in practice”.
447
“Not only the ECtHR’s case law on the issue of documentary evidence, but also its case law on
the right to silence in general is at times confusing”, Lamberigts (2016a), p. 39.
448
Funke v France, 25.02.1993, Application no. 10828/84, § 44 “The Court notes that the customs
secured Mr Funke’s conviction in order to obtain certain documents which they believed must
exist, although they were not certain of the fact. Being unable or unwilling to procure them by
some other means, they attempted to compel the applicant himself to provide the evidence of
Few years later, however, in Saunders v UK (1996), the Court specified and
restricted the scope of the privilege, clearly stating that it “does not extend to the use
in criminal proceedings of material which may be obtained from the accused
through the use of compulsory powers but which has an existence independent of
the will of the suspect such as, inter alia, documents acquired pursuant to a warrant,
breath, blood and urine samples and bodily tissue for the purpose of DNA testing”.449
A special attention, for the purpose of this work, shall be put on the expression
“documents acquired pursuant to a warrant”, which seems to imply that practices
requiring suspects to hand over documents, although self-incriminating, should not
be considered in violation of the right to remain silent, as long as the person is not
required to create new documents.450
This test seemed then to get softened again by the Court in J.B. v Switzerland
(2001), where a fine was imposed on the claimant for failure to produce some
documents concerning the companies in which he had invested money. Those docu-
ments, although required by several production orders by the competent tax authori-
ties, were not considered by the Court to be falling under the Saunders test.451
Similar approach was adopted also in Jalloh (2006), where the ECtHR recog-
nized the “principle of self-incrimination as protected under Article 6 § 1 a broader
meaning so as to encompass cases in which coercion to hand over real evidence to
the authorities was in issue”.452 More recently, in Chambaz v Switzerland (2012),
the Court made again a broad application of the privilege, recognizing that fining
the applicant to pressure him to submit documents potentially harming his position
not only before the tax authorities but also in a criminal proceeding constituted a
violation of the right to remain silent.453
At the EU level, the Saunder test was literally transposed in Article 7(3) of
Directive 2016/343, which explicitly refers to evidence “which may be lawfully
obtained through the use of legal powers of compulsion and which has an existence
independent of the will of the suspects or accused persons”.
offences he had allegedly committed. The special features of customs law (see paragraphs 30–31
above) cannot justify such an infringement of the right of anyone “charged with a criminal
offence”, within the autonomous meaning of this expression in Article 6 (art. 6), to remain silent
and not to contribute to incriminating himself. There has accordingly been a breach of Article 6
para. 1 (art. 6-1)”.
449
Saunders v the UK, § 69; cf. Veenbrink (2015), p. 125 et seq.
450
In this sense, also Lamberigts (2016a), p. 39; Ashworth (2008), pp. 770–771.
451
J.B. v Switzerland, 3.05.2001, Application no. 31827/96, § 68.
452
Jalloh v Germany, 11.07.2006, Application no. 54810/00, § 110.
453
Chambaz v Switzerland, 5.04.2012, Application no. 11663/04, §§ 50-58, and in particular § 54
and 58: “La Cour observe, par ailleurs, que le requérant ne pouvait exclure que toute information
relative à des revenus supplémentaires de sources non imposées l’exposait à être accusé d’avoir
commis l’infraction de soustraction d’impôt (J.B. c. Suisse, précité, § 65) et était de nature à com-
promettre sa position dans l’enquête pour soustraction d’impôts […] Ces éléments suffisent à la
Cour pour conclure que le droit de ne pas être contraint de s’incriminer soi-même, tel que garanti
par l’article 6 § 1 de la Convention, a été violé en l’espèce”.
The ambiguity of this expression, already visible in the ECtHR jurisprudence,

clearly emerges from the combined reading of Recital (29) and (25) of the Directive.
According to the first, this exception should refer to evidence “such as material
acquired pursuant to a warrant, material in respect of which there is a legal obliga-
tion of retention and production upon request, breath, blood or urine samples and
bodily tissue for the purpose of DNA testing”. However, Recital (25) states that
“suspects and accused persons should not be forced, when asked to make statements
or answer questions, to produce evidence or documents or to provide information
which may lead to self-incrimination”.
The balance between these two interpretative criteria is not clearly identified in
the Directive. On one side, in line with the stricter interpretation of Saunders, it
could be concluded that “the privilege only covers assistance from the suspect
which could not be substituted by employing direct force”, therefore including only
documents which are still not existing at the moment of the request.454
In light of the reference of Recital (29) to the “material in respect of which there
is a legal obligation of retention and production upon request”, however, a broader
and more safeguarding interpretation could also be raised. It could be concluded, in
fact, without any reason to distinguish between natural and legal persons, that the
privilege covers not only declarations but also the production of documents, with
the exclusion of those for which a positive obligation of retention exists (e.g.
accounting records).455
Some limitations to the privilege against self-incrimination applicable to natural
persons may be found also with regard to oral statements.
Already under Article 6(1) ECHR, in fact, not every form of compulsion adopted
by public authorities to obtain statements from the persons under investigations is
considered to be a violation of the right to remain silent.456
To assess so, it is necessary for the ECtHR to examine several concrete parame-
ters such as “the nature and degree of compulsion used to obtain the evidence; the
weight of the public interest in the investigation and punishment of the offence in
issue; the existence of any relevant safeguards in the procedure; and the use to which
any material so obtained is put”.457
While the legal classification, seriousness or complexity of certain types of
crime, such as corporate crime, or terrorism, cannot per se justify a restriction of the
privilege,458 the Court, taking into account the nature and the degree of the coercion,
454
Trechsel (2005), p. 354.
455
Along the same line, overseas, SEC (2017), p. 73.
456
Cf., e.g., John Murray v the UK, § 47; Heaney and McGuinness v Ireland, § 47; Weh v. Austria,
8.04.2004, Application no. 38544/97, § 46; O’Halloran and Francis v The UK, 29.06.2007,
Applications nos. 15809/02 and 25624/02, § 53; Adetoro v. the UK, 20.04.2010, Application no.
46834/06, § 47; O’Donnell v. the UK, § 48.
457
See, e.g., Jalloh v Germany, §§ 97, 101 and 117.
458
Cf., e.g., Marttinen v Finland, 21.04.2009, Application no. 19235/03, § 75; more recently see
Ibrahim 2016, §§ 298-300, where the qualification of the offence as terrorism had indeed a relevant
weight in the assessment of the Court.
and starting from John Murray v UK (1996), worryingly distinguished between

“proper” forms of compulsion, which do not represent a breach of the privilege, and
“improper” forms of compulsion, in which the degree of coercion applied is so that
it “destroys the very essence of the privilege against self-incrimination”.459
Besides for cases in which the compulsion results in a violation of Article 3
ECHR and Article 4 CFREU, however, defining what represents a “proper” form of
compulsion is far from being straightforward. Aware of this, for what specifically
concerns pre-trial phases, which are perhaps the most delicate stage for the pre-
sumption of innocence also in “punitive” administrative proceedings, in its case-law
the ECtHR has identified a non-exhaustive list of factors which shall be examined
to determine whether the compulsion has been improper,460 including (i) the poten-
tial vulnerable status of the accused; (ii) compliance of the investigative act with the
legal framework governing the pre-trial proceeding—and if evidence was obtained
unlawfully, the nature of the unlawfulness in question; (iii) the possibility for the
accused to challenge the authenticity of the evidence so obtained and oppose its use
(and in case of statement, whether it was promptly retracted or modified by the
accused); (iv) the analysis on whether the circumstances in which evidence was
obtained cast doubt on its reliability or accuracy; (v) the weight of the evidence so
obtained in supporting a conviction, and the strength of the other evidence in the
case; and (vi) the weight of the public interest in the investigation and punishment
of the particular offence in issue.461 Particular attention was also put by the Court on
the will of the suspected person.462
In Ibrahim (2016) however the Court recalled that there are “at least three kinds
of situations which give rise to concerns as to improper compulsion”463: Where the
suspect is obliged to testify under threat of sanctions and either testifies in conse-
quence, or is sanctioned for refusing to testify464; where physical or psychological
pressure, often in the form of treatment which breaches Article 3 of the Convention,
is applied to obtain real evidence or statements465; or where the authorities use sub-
terfuge to elicit information that they were unable to obtain during questioning.466
459
John Murray v the UK, § 49; O’Halloran and Francis, § 53–55; Heaney and McGuinness, §§
54-55; Bykov, § 92; cf. also Balsamo (2015), pp. 134–136, and Veenbrink (2015), p. 122 et seq. and
literature there mentioned.
460
As it not necessarily derives only by the use of physical force, cf. an oath to tell the truth (Brusco
v. France, 14.10.2010, Application no. 1466/07); a rule permitting to draw adverse inferences from
the exercise of the right to remain silent (Condron v the UK, 2.05.2000, Application no. 35718/97),
or the use of an undercover agent (Allan v. the United Kingdom, 5.11.2002, Application no.
48539/99).
461
The criteria have been summarized in Ibrahim 2016, § 274.
462
Jalloh v Germany.
463
Cf. Ibrahim 2016, § 267.
464
See, for example, Saunders; Brusco v. France; Heaney and McGuinness.; Weh v. Austria.
465
See, e.g., Jalloh v. Germany; Magee v The UK, 9.06.2000, Application no. 28135/95; and
Gäfgen v. Germany, 1.06.2010, Application no. 22978/05.
466
See Allan v. the UK.
Of these three circumstances, the first is particularly relevant in case of adminis-

trative (punitive) proceedings in general, and of the SSM sanctioning proceeding in
particular, as it concerns the case in which a suspect is obliged to testify under threat
of sanctions and either testifies in consequence, or is sanctioned for refusing to tes-
tify.467 This profile is also linked with another critical issue related to the privilege
against self-incrimination, that occurs when oral statements are compelled under
administrative proceedings, and then used against the declarant in a criminal (or
punitive) trial.
This case is left unanswered by Directive 2016/343. In Saunders, however, the
Court in Strasbourg rejected the Government’s position that the privilege can “rea-
sonably be confined to statements of admission of wrongdoing or to remarks which
are directly incriminating. Testimony obtained under compulsion which appears on
its face to be of a non-incriminating nature—such as exculpatory remarks or mere
information on questions of fact—may later be deployed in criminal proceedings in
support of the prosecution case, for example to contradict or cast doubt upon other
statements of the accused or evidence given by him during the trial or to otherwise
undermine his credibility”. From that, “it follows that what is of the essence in this
context is the use to which evidence obtained under compulsion is put in the course
of the criminal trial”, and that “public interest cannot be invoked to justify the use
of answers compulsorily obtained in a non-judicial investigation to incriminate the
accused during the trial proceedings”.468 Therefore, it seems that if the information
gathered might be relevant for criminal proceedings, due attention should be paid on
the use of form of compulsion also in administrative proceedings.469
This approach to the right to remain silent was applied by the CJEU also towards
legal persons, mainly in competition law cases. There, the Court further distin-
guished between requests for information, and decisions requiring information
which may also impose a penalty to the undertaking in the event of a refusal to
reply, considering only the latter relevant for the scope of the privilege.470
Within this perspective, the CJEU has repeatedly affirmed, since its landmark
case Orkem, that duty to cooperate and provide information is considered legitimate
only as long as that does not “undermine the rights of defence of the undertaking
concerned and compel it to provide answers which might involve an admission on
its part of the existence of an infringement which it is incumbent on the Commission
to prove”.471
467
Cf., e.g., Saunders v The UK, § 65; Heaney and McGuinness, §§ 48–49; Brusco v. France, § 54.
468
Sanders v The UK, §§ 71 and 74.
469
On this point see also Lamberigts (2016a), p. 37.
470
Limburgse Vinyl Maatschappij NV (LVM) and others v Commission of the European
Communities, Joined cases C-238/99 P, C-244/99 P, C-245/99 P, C-247/99 P, C-250/99 P to
C-252/99 P and C-254/99 P, 15.10.2002, ECLI:EU:C:2002:582, §§ 274 and 279.
471
Société Générale v Commission of the European Communities, Case T-34/93, 8.03.1995,
ECLI:EU:T:1995:46, §§ 74-76. See also Orkem v Commission, § 35 “Commission may not compel
an undertaking to provide it with answers which might involve an admission on its part of the
existence of an infringement which it is incumbent upon the Commission to prove” (quoted also in
the Green paper on the presumption of innocence, § 2.5); Solvay v Commission, Case 27/88,
The Court, however, in line with the standards already established by the ECtHR
(with regard to natural persons) in John Murray v UK,472 established that protection
shall be granted only for “strictly” self-incriminating questions, and not where “the
answers requested are none the less purely factual”.473 The difference between
the two hypothesis, however is not always precisely identifiable, and very much
depends on the specific circumstances of the case.
This case-law was later incorporated by Regulation No 1/2003, that at Recital
(23) recognizes a need to safeguard also legal persons, stating that “when comply-
ing with a decision of the Commission, undertakings cannot be forced to admit that
they have committed an infringement, but they are in any event obliged to answer
factual questions and to provide documents, even if this information may be used to
establish against them or against another undertaking the existence of an
infringement”.474
The blurred, and limited safeguards conferred in the European legal framework
to the right to remain silent are also magnified by the lack of exclusionary rules in
case of its violation.
This approach does not represent an unicum in the jurisprudence of the ECtHR,
which since the 1988 decision Schenk, has steadily affirmed that “while Article 6
(art. 6) of the Convention guarantees the right to a fair trial, it does not lay down any
rules on the admissibility of evidence as such, which is therefore primarily a matter
for regulation under national law”.475 In the context of the right to remain silent, this
interpretation is reflected in the conclusion that not all direct forms of compulsion
lead to a violation of Article 6 ECHR, but only those which may be defined as
“improper”. As repeatedly affirmed by the Court in John Murray and in the follow-
18.10.1989, ECR 3355, summary publication; Mannesmannröhren-Werke v Commission, Case

T-112/98, § 66; Tokai Carbon Co. Ltd and Others v Commission of the European Communities,
Joined cases T-236/01, T-239/01, T-244/01 to T-246/01, T-251/01 and T-252/01, 29.04.2004,
ECLI:EU:T:2004:118, §§ 402-406; Commission of the European Communities v SGL Carbon AG,
Case C-301/04 P, §§ 35-49; Limburgse Vinyl Maatschappij NV (LVM) and others v Commission of
the European Communities, Joined cases C-238/99 P, § 274; Dalmine SPA v. Commission, Case
C-407/04 P, 25.01.2007, ECLI:EU:C:2007:53, § 34. For a comparative analysis of the privilege in
competition law, see Veenbrink (2015), p. 133 et seq.
472
Cf. John Murray, § 47; O’Halloran and Francis, § 55; Bykov, § 104.
473
Société Générale, § 75; cf. also Amann & Söhne GmbH & Co. KG and Cousin Filterie SAS v
European Commission, Case T-446/05, 28.04.2010, ECLI:EU:T:2010:165, § 328 “the mere fact of
being obliged to answer purely factual questions put by the Commission and to comply with its
request for the production of documents already in existence cannot constitute a breach of the
principle of respect for the rights of the defence or impair the right to fair legal process, which
offer, in the specific field of competition law, protection equivalent to that guaranteed by Article 6
of the ECHR. There is nothing to prevent the addressee of a request for information from showing,
whether later during the administrative procedure or in proceedings before the Community judica-
ture, when exercising its rights of defence, that the facts set out in its replies or the documents
produced by it have a different meaning from that ascribed to them by the Commission”.
474
Cf. Recital (23), Regulation No. 1/2003. See also Veenbrink (2015), p. 131 and 137 ff. Talking
about a «discrete exception», Ashworth (2008), p. 771.
475
Schenk v. Switzerland, 12.07.1998, Application no. 10862/84, §§ 50-51; see also Trechsel
(2005), p. 162 et seq.
ing case-law (interestingly almost exclusively based on the British or Irish legal
systems476), this perspective de facto allows also to draw adverse inferences from
the silence of the accused. Whether that represents an infringement of Article 6 shall
“be determined in the light of all the circumstances of the case, having regard to the
situations where inferences may be drawn, the weight attached to them by the
national courts in their assessment of the evidence and the degree of compulsion
inherent in the situation”.477
Such an approach, coherent with the comprehensive perspective adopted for all
the rights included in Article 6 ECHR (if not violating also Article 3478), results
however rather critical if applied to procedural rights, such as access to a lawyer or,
precisely, the privilege against self-incrimination, that represent the core of fair trial
and on which most of the other relevant procedural safeguards depends upon.479
The lack of exclusionary rules is mirrored also in Directive 2016/343.480
476
With some few exceptions, see e.g. Telfner v Austria, § 17, where the Court considered “that the
drawing of inferences from an accused’s silence may also be permissible in a system like the
Austrian one where the courts freely evaluate the evidence before them, provided that the evidence
adduced is such that the only common-sense inference to be drawn from the accused’s silence is
that he had no answer to the case against him”.
477
John Murray v the UK, § 47; Averill v. The UK, 6.06.2000, Application no. 36408/97, § 44.
478
Gäfgen v. Germany, § 168. As recently reaffirmed in Ibrahim 2016, § 254 “As the Court has
explained on numerous occasions, it is not the role of the Court to determine, as a matter of prin-
ciple, whether particular types of evidence, including evidence obtained unlawfully in terms of
domestic law, may be admissible. As explained above (see paragraph 250), the question which
must be answered is whether the proceedings as a whole, including the way in which the evidence
was obtained, were fair […] However, an exception to this approach applies in the case of confes-
sions obtained as a result of torture or of other ill-treatment in breach of Article 3”.
479
Cf. with regard to Directive 2016/343, Lamberigts (2016a), p. 39. In general terms on the issue
see, e.g., Illuminati (1979), p. 5; Amodio (1974); Pulitanò (1999). The dependence of other fair
trial rights upon the correct exercise of the right to remain silent, in connection with the access to
a lawyer, although without getting to the creation of exclusionary rules, has been recognized also
by the same ECtHR in John Murray, § 66, according to which “at the beginning of police inter-
rogation, an accused is confronted with a fundamental dilemma relating to his defence. If he
chooses to remain silent, adverse inferences may be drawn against him in accordance with the
provisions of the Order. On the other hand, if the accused opts to break his silence during the
course of interrogation, he runs the risk of prejudicing his defence without necessarily removing
the possibility of inferences being drawn against him. Under such conditions the concept of fair-
ness enshrined in Article 6 (art. 6) requires that the accused has the benefit of the assistance of a
lawyer already at the initial stages of police interrogation. To deny access to a lawyer for the first
48 hours of police questioning, in a situation where the rights of the defence may well be irretriev-
ably prejudiced, is - whatever the justification for such denial - incompatible with the rights of the
accused under Article 6”.
480
As well as in all procedural Directives, due to their compromised origin, in this sense see
Caianiello (2014b), p. 317 et seq.; Allegrezza (2017), pp. 970–971, which reminds that the process
of EU integration has always developed with small steps, and that much of the effectiveness of the
recent European rules will depend on their correct implementation at the national level, and on the
will of the Court of Justice in providing a safeguarding interpretation of the texts of the
directives.
Indeed, Article 7(5) only provides that “The exercise by suspects and accused
persons of the right to remain silent or of the right not to incriminate oneself shall
not be used against them and shall not be considered to be evidence that they have
committed the criminal offence concerned”.
Although this provision seems to raise the level of protection recognized by the
ECtHR, its scope in practice results rather downsized if read in light of the whole
Directive.
Contrary to the Commission’s proposal, in fact, the approved text of this legisla-
tion does not contain any more an exclusionary rule for the evidence gathered in
violation of the privilege.481
According to Article 10(2) of the Directive, what must be always respected, is
“only” the fairness of the proceedings and the rights of the defence. This expression,
as pointed out by legal scholars, is less strong than an absolute exclusionary rule,
and actually seems to implicitly allow the use of evidence collected in violation of
the right to remain silent, although with some cautions, such as the right to an effec-
tive remedy (also not defined in the Directive).482
Recital (28), moreover, specifies that the exercise of the right to remain silent
“should not, in itself, be considered to be evidence” but that “this should be without
prejudice to national rules concerning the assessment of evidence by courts or
judges, provided that the rights of the defence are respected”. The Directive, there-
fore, does not really require any substantial strengthening of the standards of protec-
tion already established in this field at the national level.483
6.3.6 T
he Right to Remain Silent in the SSM Legal
Framework
Against this legal, and often rather confused background, the level of safeguards
provided for in the SSM sanctioning proceedings appears rather problematic.
Indeed, although Article 22(2) SSM R requires to comply with due process rights
in the adoption of all supervisory decisions, including sanctioning proceedings, not
all the guarantees of fair trial find an explicit recognition in the SSM Regulations—a
fact which appears particularly thorny when it concerns fundamental principles,
such as the privilege against self-incrimination.
As anticipated, the SSM may investigate over all financial institutions under its
jurisdiction, all persons belonging to them, and third parties to whom the same enti-
481
Cf. Article 7, Directive 2016/343 with Article 4, European Commission, Proposal for a Directive
of the European Parliament and of the Council, cit.
482
Lamberigts (2016a), p. 38.
483
The fact that silent might represent an evidence, is also confirmed by Article 7(4) of the Directive,
according to which “when sentencing, cooperative behaviour of suspects and accused persons”
may be taken into account by judicial authorities, therefore seeming to imply, a contrario, that
silent may have detrimental effects on the defendant. Lamberigts (2016a), p. 38; Mazza (2014), p.
1407.
ties have outsourced functions or activities.484 According to Article 11 SSM R, writ-

ten or oral explanations may be obtained from any of these subjects, their
representatives or staff. The SSM may also interview any other person “for the
purpose of collecting information relating to the subject matter of an investigation”.485
While the interview of third persons requires their consent to be legally carried
out, the picture looks quite different when it comes to the subjects under investiga-
tion. Indeed, Articles 28 and 29 SSM FR establish that these parties are required to
participate to the ECB supervisory procedure, and to provide assistance clarifying
the facts under investigation. Upon request, the same subjects may also be com-
pelled (“shall”) to provide any information that “is necessary in order to carry out
the tasks conferred on it by” the SSM Regulations. The ECB may set a time-limit
by which evidence shall be provided, and “subject to the limits relating to sanction-
ing procedures under Union law”, the parties shall “state truthfully the facts known
to them”.486
If a person obstructs the conduct of the investigation, the SSM may require the
necessary assistance by the National Competent Authority of the participating
Member State where the relevant premises are located.487 Secrecy law plays a very
restricted role in this field, since, according to Article 10(2) SSM R, it neither
exempts banks from their disclosing duty, nor represents a cause for invoking a
breach of professional secrecy.
The situation is then different for natural and legal persons. According to Recital
(53) SSM R, the ECB may not impose penalties upon natural persons. In this case,
therefore, non-compliance with the obligation to state the truth and cooperate with
the investigations cannot be sanctioned directly by the SSM.
The issue is then determined by national law, which the ECB, according to
Article 11(2) SSM R, may ask the competent NCA to apply (apparently without any
discretion of the latter whether to so do or not, since paragraph (2) prescribes that
NCAs “shall afford” the request assistance to the ECB).
Where the national legal framework provides for penalties in case of non-
compliance with the regulator, for instance where that is interpreted as an obstruc-
tion to the supervisory functions,488 natural persons may then be sanctioned for their
non-cooperation in supervisory activities. This has major implications on the effec-
tivity of their privilege against self-incrimination especially when such sanctions
are established as criminal.489
As for legal persons, the possibility to apply sanctions for non-compliance is
more straightforward. Article 122 SSM FR, in fact, provides that in case of failure
to comply with obligations under ECB regulations or decisions, legal entities may
484
Article 10 SSM R. For a complete illustration of the SSM investigative powers mentioned here,
cf. above, Sect. 4.4.3.
485
Article 11(1) (c)-(d) SSM R.
486
Article 28(3) and Article 29(2) SSM FR.
487
Article 10(1)-(2) SSM R.
488
As it is the case in several Member States, cf. Lasagni and Rodopoulos (2019).
489
Such as in Italy, cf. Article 7(1)(2) of Legislative Decree no. 385, of 1.09.1993 (TUB).
be sanctioned according to Article 18(7) SSM R, which refers to Regulation

2532/98. The duty to state the truth and supply the information requested, estab-
lished by Articles 10(2) SSM R and 29 SSM FR, seems to represent an obligation
established by ECB Regulations Investigatory measures are also adopted on the
basis of an ECB decision which, according to Article 142(c) SSM FR, shall also
specify that any obstruction constitutes a breach under Article 18(7). Therefore, in
case of non-compliance, the SSM has the power to impose significant enforcement
measures or even trigger the initiation of a specific sanctioning procedure against
the subjects under investigation.
In light of the privilege against self-incrimination, this legal background presents
several critical points. In general terms first of all, the ECB should perhaps not rely
too easily on the aforementioned CJEU case-law, about the privilege in competition
law proceedings (that acknowledging the existence of a broader right “would go
beyond what is necessary in order to preserve the rights of defence of undertakings,
and would constitute an unjustified hindrance with the Commission’s performance
of its duty”).490 Although investigations carried out by DG Comp seems rather com-
parable with those of the SSM (both EU institutions with investigating powers, both
formally administrative but—likely—with punitive character, both with sanctioning
powers applicable upon legal persons491), there are solid arguments suggesting the
need to differenciate.
First, so far there is no evidence that the Court of Justice will extend its “excep-
tionalism” also towards authorities other than DG-COMP, that is to say, that the
CJEU will maintain also for the ECB the ambiguity of classification reserved until
now only to antitrust proceedings. In the latter, as previously illustrated, the Court
repeatedly acknowledged the severity of the imposable fines (one of the Engel cri-
teria), and therefore the need to comply with some fundamental procedural rights,
such as rules on adducing proofs and on treatment deriving from the presumption of
innocence, but it never recognized the Commission as a tribunal in the meaning of
Article 6 ECHR, nor the subject matter to be of substantive criminal nature, without
providing a clear legal reasoning behind such interpretation.492 However, as already
argued, competition law retains a sui generis treatment mostly thanks to historical
and pragmatic rather than legal reasons, not easily transferrable to the post-Lisbon-
established Single Supervisory Mechanism.493
A reason to exempt the SSM sanctioning proceedings from the need to comply
with the right to remain silent could not be grounded either on the fact that targets
of the SSM may be only legal persons, and that these subjects enjoy only a limited
490
Commission of the European Communities v SGL Carbon AG, Case C-301/04 P, § 402;
Mannesmannröhren-Werke v Commission, Case T-112/98, §§ 66-67. Cf. also Nehl (2014), p. 1293.
491
Affirming that competition law represents a “privileged field” for reconstructing the framework
of defence safeguards in the EU, Allegrezza (2017), p. 953.
492
In this sense, also the Commission’s prerogative to fine undertakings for non-cooperating con-
ducts could likely be increasingly undermined and challenged by national parties in the next future,
see, e.g., Slater et al. (2008); cf. also Sects. 6.2 and 6.3.5.
493
amount of guarantees under the CJEU case-law developed in the field of competi-
tion law. Indeed, as it was previously illustrated, the jurisprudence of the Court of
Justice on the matter is not exclusively referred to legal persons.494
The subjective scope of the privilege against self-incrimination represents
another critical issue in the analysis of the SSM sanctioning proceedings under
Article 6(1) ECHR and Article 48 CFREU, especially for the possibility of sanc-
tioning legal entities under Regulation 2532/98 in case of failure to comply with an
ECB information request. In fact, against the broad wording of Article 48 CFREU
(“everyone”), and the ambiguous reference illustrated above, of Recitals (13) to
(15) Directive 2016/343, to the evolving jurisprudence of the European Courts, the
exclusion of legal persons from the scope of the privilege does not appear justified.
This is even more true looking at the case-law of the Court in Strasbourg, whose
interpretation, according to Recital (14) should not be prejudiced by the Directive,
and that, as discussed above, has already, and repeatedly decided in favour of the
recognition of fair trial rights also towards legal persons.495
Critical profiles in the SSM investigating proceedings emerge also with regard to
natural persons listed under Article 10(1) SSM R (persons belonging to credit insti-
tutions, mixed financial holding companies, mixed-activity holding companies
established in the participating Member States, or their representatives or staff),
who according to paragraph (2) of the same article, and paragraph (2) of Article 11
SSM R, cannot refuse to provide the information requested.
In particular, especially problematic in light of the jurisprudence of the European
Courts and of Article 7(5) of Directive 2016/343, is the possibility for these subjects
to be sanctioned for their refusal to provide (potentially self-incriminating) informa-
tion, even though in this case the competence relies at national level.
In light of the above, both with regard to natural and legal persons, the power to
impose sanctions in case of mere refusal shall be interpreted and applied with
extreme caution by the ECB. In particular, to comply with the right to remain silent,
sanctions should never be imposed for the refusal of the requested person to provide
statements, which might involve an admission of the existence of an infringement
incumbent upon the ECB to prove.
A similar restrictive approach, in light of the aforementioned jurisprudence of
the European Courts, should be also applied with regard to requests to produce
documents, avoiding to impose sanctions in case of refusal to cooperate, when there
is no legal obligation for the subject required to keep such documents (e.g. docu-
ments other than accounting). This clarification appears necessary even though
most of the sanctions directly applicable by the ECB (Article 18(1) SSM R) concern
breaches of “quantitative” requirements (such as capital buffers, or liquidity
Cf. Jones (2012).

494
See above, Sect. 6.2, e.g., Menarini Diagnostics v Italy, § 44; Zegwaard & Segwaard B.V. v the
495
Netherlands, 9.09.1998, Application no. 26493/95, §§ 34–51. The need for such a non-discrimina-
tory approach also within the EU will certainly be accelerated in case the Union would finally
access the European Convention, under which no apparent distinction is made between legal and
natural persons, a process which, after the stop of the ECJ in 2012, might still be resumed.
thresholds)496: In these cases, in fact, it is likely that the investigations may be car-
ried out exclusively requiring the supervised entity to produce information which
the latter is under a general obligation to keep.
Most of “qualitative” prudential requirements (e.g. concerning governance), for
which it is more likely that also interviews as well as the production of documents
other than accounting ones could be necessary are instead provided for by CRD
IV. Hence, in case of breaches, investigations rely upon the NCAs, and not the ECB.
Nonetheless, also CRR provides for additional disclosure obligations, and pre-
scribes conducts for the management of risk. For the investigation of these breaches,
examining accounting or similar documents may likely not be always sufficient.
Moreover, the content of CRR is not immutable as the approval of CRR II clearly
shows and it could be subject to amendment in the future, that might include also
“qualitative” obligations.
Lastly, “qualitative” assessments are also required in some supervisory proceed-
ings which might end up with the application of measures characterized by a sub-
stantial criminal nature in light of the Engel criteria (such as the removal of members
from the management body of credit institutions ex Article 16(2)(m SSM R)497).
Also when supervisory measures cannot be classified as criminal, the need to
comply with the privilege against self-incrimination shall be taken into account.
Indeed, no clear distinction really exists between ordinary and sanctioning supervi-
sory activities with regard to the right to remain silent. Information collected for
“daily” supervisory tasks could then be easily used by the same ECB to apply puni-
tive measures on a later stage. Moreover, in performing the SSM supervisory and
investigating tasks, suspicious elements of a crime may emerge.
In this case, examined above, the SSM has the duty, according to Article 136
SSM FR, to refer the matter to the competent NCA, which shall refer it to the
national judicial authorities according to national law.498 As already mentioned,
however, the Court of Justice in the 2015 case WebMindLicence conditioned the
possibility of using evidence gathered in other proceedings to a double proportion-
ality and compliance check.499
Although the principle affirmed there was referred to the case in which evidence
gathered in a criminal proceeding had to be used in an administrative one, the need
to comply with this test seems even more necessary in the opposite case, taking into
account the stricter criteria for the admission of evidence usually established in
criminal procedural law.500 Even besides for the recognition of substantial criminal
nature to some sanctions, therefore, the possibility of using the information gath-
ered by the SSM as evidence in criminal proceedings should be conditioned to its
496
The differentiation between “quantitative” and “qualitative” requirements is used here only to
understand the practical impact of the provisions under analysis, but it does not find a specific
recognition in CRR or CRD IV.
497
498
Cf. above, Sect. 6.1.3, and Sect. 4.4.3.
499
Cf. WebMindLicence, Case C-419/14, §§ 75 and 82.
500
See Tesoriero (2016), p. 1540.
compliance, during the administrative investigations, with the fundamental rights of

the defendant, including the privilege against self-incrimination.
Both for natural and legal persons, moreover, other critical issues arise from the
analysis of the SSM Regulations in light of the right to silence. First, as already
discussed above under the profile of the dissemination of information,501 “compul-
sory” requests for information result critical also for the safeguard of professional
secrecy. According to Article 10(2) SSM R, indeed, «professional secrecy provi-
sions do not exempt» the subjects under investigations «from the duty to supply that
information. Supplying that information shall not be deemed to be in breach of
professional secrecy».
As already mentioned, the analysis of the professional secrecy of ECB members
of staff goes beyond the remit of this work, as it will require an in-depth exam of the
privileges and immunities to the ECB members of staff, still in lack of specific case-
law on the matter.502
For the purposes of this analysis, focused on the privilege against self-incrimina-
tion, it shall however be reminded that the definition of the boundaries of the legal
professional privilege appears problematic.
Legal professional privilege does not find a specific protection under the SSM
Regulations, although Recital (48) SSM R recognizes it as “a fundamental principle
of Union law” in line with the importance of the principle enshrined in Article 41(2)
CFREU,503 and “in accordance with the conditions laid down in the case-law of the
Court of Justice”. The CJEU, however, although acknowledged in the past that this
right represents an “essential corollary to the rights of the defence”,504 has more
recently adopted a rather narrower interpretation. In the leading case Akzo Nobel
Chemicals, indeed, the Court concluded that “legal professional privilege does not
cover exchanges within a company or group with in-house lawyers”.505
Such a strict interpretation raises several issues with regard to the effectiveness
of defence rights, although a limited protection of the legal professional privilege is
not unheard of in the field of banking or financial supervision.
In the US, for instance, both the attorney-client privilege and the work product
doctrine receive a special benefit in the context of banking supervision. Indeed,
according to it, disclosing information to supervisors is exceptionally not consid-
ered as a waiver to these protections (meaning that providing information to the
supervisors should not generally expose the bank to the obligation of discovering
that material during private litigations).506
501
502
503
According to which in the right to good administration is included “the right of every person to
have access to his or her file, while respecting the legitimate interests of confidentiality and of
professional and business secrecy”.
504
Since AM & S Europe Limited v Commission of the European Communities, Case 155/79,
18.05.1982, ECLI:EU:C:1982:157, § 18 et seq. especially § 23.
505
Cf. Akzo Nobel Chemicals Ltd, Akcros Chemicals Ltd v European Commission, Council of the
Bars and Law Societies of the European Union, Algemene Raad van de Nederlandse Orde van
Advocaten, Association européenne des juristes d’entreprise (AEJE), American Corporate Counsel
Association (ACCA), Case C-550/07 P, 14.09. 2010, ECLI:EU:C:2010:512, § 44.
506
Cf. 12 U.S.C. § 1828 (x).
Banks, moreover, can also benefit from the Bank Examination Privilege, accord-
ing to which also communications between credit institutions and their supervisors
are protected from disclosure duties towards third parties.507
Against this background, however, several are the flows which significantly
weaken the effectiveness of all these privileges in banking supervision in the US.
First, the Bank Examination Privilege is qualified, meaning it does not apply to
“purely factual material” (which is sometimes broadly interpreted by the courts)
and may be overridden by a court upon demonstration of “good cause”.508
Secondly, all these privileges cover only the bank, and not employees. The latter
should be informed of the risk they incur while cooperating to internal investiga-
tions (according to the so-called “Upjohn wanrning”509), but distinctions of roles
within the company is not always straightforward in practice.
Lastly, unless the credit institution secures a specific confidentiality agreement
with the supervisor, the mere existence of the privileges does not always success-
fully bind the regulator from disclosing the information received to third parties.510
In a context, like the EU, where some of the sanctions applicable by banking
supervisors may be attributed a substantial criminal nature, however, notable com-
pressions of defence rights could become definitely critical, considering that the
Convention provides on the matter a much wider level of protection.511
Finally, the SSM Regulations do not consider at all the position of the subject
(natural or legal person) who, first interviewed as a simple witness, issues state-
ments with a self-incriminating character in the course of the interview. This situa-
tion was however repeatedly examined by the ECtHR, which for instance in the
2016 decision Ibrahim (partially overruling in appeal the 2014 decision512) consid-
ered an infringement of Article 6 ECHR using the statements so obtained as evi-
dence, in lack of an adequate demonstration by the Government that “the overall
fairness of the trial was not irretrievably prejudiced by the decision not to caution”
the applicant.513
Regardless of this jurisprudence, on which the CJEU has not had a chance yet to
take position, procedural rules dealing with similar situations have been already
507
In re Bankers Trust Co., 61 F.3d 465, 471 (6th Cir. 1995); In re Subpoena Served Upon
Comptroller of Currency & Sec’y of Bd. of Governors of Fed. Reserve Sys., 967 F.2d 630, 634
(D.C. Circ. 1992).
508
Cf. Lambrakopoulos et al. (2017), p. 6 and 14 et seq.
509
Upjohn Co. v. United States, 449 U.S. 383, 394–95 (1981).
510
Cf. Lambrakopoulos et al. (2017), p. 9 et seq.
511
Under the Article 8 ECHR, see, e.g., Brito Ferrinho Bexiga Villa-Nova v. Portugal, 1.12.2015,
Application no. 69436/10, § 59; Niemietz v. Germany, §§ 30–33; André and Another v. France,
24.07.2008, Application no. 18603/03, § 41; Xavier Da Silveira v. France, 21.01.2010, Application
no. 43757/05, §§ 37, 42 and 48 (requiring “special procedural guarantees”, and the possibility for
the lawyer to have access to “effective scrutiny” to contest them). The issue has been pointed out
by Allegrezza and Voordeckers (2015), p. 154. See also Nehl (2014), p. 1301.
512
Cf. Ibrahim and others v. The UK, 16.12.2014, Applications nos. 50541/08, 50571/08, 50573/08
and 40351/09.
513
Ibrahim 2016, § 271-273; Serves v France, 20.10.1997, 82/1996/671/893, § 42.
provided for in 2013 by Article 9(2) of the OLAF Regulation, which requires that
“where, in the course of an interview, evidence emerges that a witness may be a
person concerned, the interview shall be ended. The procedural rules provided for
[…] shall immediately apply. That witness shall be informed forthwith of his rights
as a person concerned and shall receive, upon request, a copy of the records of any
statements made by him in the past. The Office may not use that person’s past state-
ments against him without giving him first the opportunity to comment on those
statements”.514
A similar safeguard has not been replicated in the SSM Regulations, in which the
position of the declarant that becomes target of the investigations at a later stage is
not supported by any specific right.
Against this background, as already highlighted by scholars,515 inserting in the
SSM Regulations a provisions similar to that of Article 9(2) OLAF Regulation
appears necessary and appropriate, at least to impose a duty upon the proceeding
officer(s) to inform not only the undertakings subject to supervisory investigations,
but also the subjects who consent to be interviewed (ex Article 11(1)(d) SSM R) as
third parties of their rights, including the privilege against self-incrimination, shield-
ing them from any form of “improper” coerced admissions of responsibility. In
order to keep a record of this warning, it may be useful to request the interviewee
also to sign a statement acknowledging that he/she has been expressly informed on
his/her rights.
Lastly, taking into consideration that Joint Supervisory Teams provide the
Investigating Unit with most of substantive relevant information for the investiga-
tions, it should be advisable that similar safeguards apply also in the course of their
supervisory tasks (at least to those referred to “qualitative” assessments), to avoid
subsequent problems in using such information as grounds to impose (substantially
criminal) sanctions. After all, the necessity to notifying suspects of their rights is not
coming just from the case-law of the ECtHR, but has also been recognized in the EU
legal framework by Directive 2012/13/EU on the right to information in criminal
proceedings, which includes the right to remain silent among the procedural rights
that a suspect shall be informed about.516
Again similarly to Article 9(2) OLAF Regulation, this obligation shall be
extended towards those subjects which are heard only as persons informed about the
514
Cf. Article 9, Regulation No 883/2013. Interestingly, this provision applies also when the person
has given his or her consent to be interviewed, as interviews carried out by OLAF are voluntary (at
least for external investigations, while for internal investigations this provision shall be interpreted
also taking into account Article 16 of the OLAF Guidelines on Investigation Procedures for OLAF
Staff (1 October 2013) according to which “officials or other servants should also be informed that
they have a duty to cooperate with the OLAF investigation”. Cf. also Guidelines on Digital
Forensic Procedures for OLAF staff, referring to the leaflet wito be given to the investigated sub-
ject containing reference to his/her rights.
515
Wissink et al. (2014), p. 114; of the same position also Allegrezza and Voordeckers (2015),
p. 157.
516
Cf. Article 3, Directive 2012/13/EU.
matter of the investigation, as soon as evidence emerges from their statements that
they might also be held responsible for breaches.
If that raises potential inculpatory profiles also against the natural person inter-
viewed (and not only for the legal person represented), the interview should be
interrupted to warn the subject of the change in its legal standing. The case file
would then likely be transmitted to the competent national authority, as the SSM has
no competence to sanction natural persons. The abovementioned safeguards should
be accordingly respected during on-site inspections too, considering that, under
Article 12 SSMR and Article 143 SSM FR, the ECB may request information and
oral explanations also in that circumstances. All these profiles require therefore a
special attention both from the ECB and NCAs to the potential uses of the informa-
tion collected, especially when it is likely to be put at the basis of a punitive
decision.517
6.3.7 The Protection from Bis In Idem
Finally, since relevant administrative penalties applicable by the SSM may present
a substantial criminal nature, and the principle of ne bis in idem (still) applies to all
sanctions a coloration pénale and (at least formally) to the related proceedings
according to the Engel criteria, the compliance of the SSM sanctioning procedure
with the double jeopardy clause shall also be examined. The analysis of this profile,
however, collides with the great interpretative uncertainty left in Europe after the
ECtHR revirement in A and B, as followed by the 2018 CJEU decisions on the same
matter.518 Also in banking supervision, in fact, the overruling of the ECtHR and the
restrictive interpretation to this right resulting from the interpretation of the Court of
Justice, significantly risk to undermine at the very basis the possibility to grant indi-
viduals effective protection.
In particular, the persistence of double-track systems in punitive contexts appears
even more critical when multiple sanctions or proceedings may be applied to sub-
jects with a great social impact, like credit institutions. Especially in this field
indeed, adverse consequences (as tragically exemplified in the Arthur Anderson
LLP (Enron) case519) should be carefully considered before endorsing a system
towards credit institutions (and therefore, above all, shareholders and depositors) in
517
Cf. Bontempelli (2009) and Orlandi (1992).
518
For a detailed analysis of the development in the jurisprudence of the ECtHR and of the CJEU
on the ne bis in idem, and its relevance in the administrative punitive matter see Chap. 2, respec-
tively Sects. 2.3.2 and 2.3.3.
519
Cf. Sect. 2.2. Another relevant profile, which goes beyond the remit of this work, as it may rep-
resent the subject of a whole separate analysis, could concern the potential implications of ne bis
in idem in the application of supervisory punitive sanctions and precautionary punitive measures
applied either by national judicial authorities or by national administrative authorities (if consid-
ered to be falling under Article 6 ECHR).
which duplication of proceedings bears almost no limits and standards of protection

are virtually unpredictable.
In addition to this precarious case-law, the SSM Regulations do not foresee any
specific rule or remedy to address issues related to the ne bis in idem.520 Only a few
provisions in fact address the possibility of multiple proceedings, but without pro-
viding any substantial guarantees for the affected subjects. This is the case of Article
130(5) SSM FR, according to which, in case a criminal proceeding is pending
against the supervised entity “in connection with the same facts”, the limitation
period to impose penalties shall be suspended for the duration of the latter.
Slightly different terms are instead employed in Article 4c(3)(b) Regulation
2532/98, according to which the limitation period within which the ECB may
impose a sanction for the breach of one of its decisions or of a regulation relating to
its supervisory tasks (Article 18(7) SSM R), can be extended in case “criminal pro-
ceedings are pending against the concerned undertaking in connection with the
same facts” until the conclusion of the latter.
Also in this field, therefore, as more generally noticed for all the matter of admin-
istrative punitive proceedings, the protection from bis in idem seems to have flat-
tened out on the principle of proportionality of sanctions.
This principle, explicitly mentioned by both Articles 18(3) SSM R and 2(2) and
(3) Regulation 2532/98, however, does not cover also the procedural notion of ne
bis in idem, that is the protection from being subject to multiple proceedings for the
same illicit conduct.
Only in Article 2 Regulation 2353/98, moreover, it is clearly affirmed that, in
deciding the amount of a sanction to be imposed, the ECB shall consider “prior
sanctions imposed by other authorities on the same undertaking and based on the
same facts”. This precaution, therefore, results mandatory for the ECB, at least
explicitly, only for penalties under Article 18(7), and not for those of Article 18(1).521
Against this background, several are the issues which remain currently unanswered,
and for which providing solutions is to date highly speculative. In lack of ECB spe-
cific case-law on the matter by the Court of Justice, what can be already done,
however, is first to identify which are the relationships between authorities relevant
for the Eurozone enforcement systems (SSM, NCAs, national judicial authorities,
other national administrative authorities, the CJEU) which may give rise to a risk
under a ne bis in idem perspective (for instance, a violation of the double jeopardy
520
Under this perspective, some author has affirmed that the role of supremacy of the EU law as
established in Walt Wilhelm will apply, cf. Walt Wilhelm and others v Bundeskartellamt, C-14-68,
13.02.1969, ECLI:EU:C:1969:4, in D’Ambrosio (2013), p. 81. A provision explicitly requiring to
“shall refrain from imposing fines or periodic penalty payments where a prior acquittal or convic-
tion arising from identical fact or facts which are substantially the same has already acquired the
force of res judicata as the result of criminal proceedings under national law” has been explicitly
introduced with regard to ESMA sanctioning powers in crowdfunding services by Article 31(11)
of the Commission Proposal for a Regulation on Crowdfunding Service Providers, cit.
521
See also D’Ambrosio (2017), pp. 1037–1038, underlying how the SSM Regulation does not
provide for any safeguard clause to reduce the amount of the sanctions potentially imposable in
light of the proportionality principle.
clause is not foreseeable between the CJEU and national courts, besides for the
extremely unlikely hypothesis in which both would declare competent for to adju-
dicate on acts issued under Article 9(1) SSM R).
In the current legal framework, as reconstructed in the analysis carried out so far,
they can be grouped as those among: (i) The SSM and national judicial authorities;
(ii) the NCAs and national judicial authorities; (iii) the SSM and the NCAs; and (iv)
the SSM or the NCA and other relevant administrative national courts (e.g. in tax or
financial law).
Two further potentially critical profiles of ne bis in idem are also here examined,
respectively originated (v) within the same SSM, or (vi) by the difficulty in identify-
ing precisely who is the subject that should be held liable for prudential breaches.
Of course, further relationships could emerge in practice following the development
of the supervisory activities both at the national and at EU level.
Scenario (i)—SSM and National Judicial Authorities
In case breaches of prudential requirements committed by banks are also represent-

ing criminal offences at national level,522 two are the main factual scenarios that
could be covered by this first hypothesis.
1. The case of the ECB directly imposing punitive sanctions/starting a sanctioning
procedure under Article 18(1) or (7) SSM R, for a breach that is also considered
a criminal offence in national law.—This represent the situation with the highest
risk of originating violations of the principle of ne bis in idem, since credit insti-
tutions could be charged under two different forms of punitive liability for the
same conduct: At the EU level by the SSM (with punitive administrative sanc-
tions), and at the national level, by a national court, under the applicable criminal
law.
To this case, therefore, it is necessary to apply all the considerations illustrated in
Chap. 2 with regard to the uncertain current legitimacy of parallel proceedings, and
more in general of all double-track systems.
In light of the current case-law, in fact, the duplication of criminal and adminis-
trative proceedings originated from the same fact are considered legitimate by the
Court of Justice, as long as they present a sufficiently closely connection in sub-
stance; pursue an objective of general interest that justifies such a duplication; con-
tain rules ensuring coordination which limit to what is strictly necessary the
additional disadvantage for the persons concerned; and provide for rules making it
possible to ensure that the severity of all of the penalties imposed is limited to what
is strictly necessary in relation to the seriousness of the offence concerned.523
In this sense, it is necessary to recall that, contrary to other fields of law (such as
the protection of the EU financial interests, or the regulation of credit rating agen-
522
Cf. Lasagni and Rodopoulos (2019).
523
Cf., e.g., Menci, Case C-524/15, § 63; see also Sects. 2.3.2 and 2.3.3.
cies), the power of the ECB to impose sanctions is not assisted by safeguard clauses
which impose to take into account sanctions already ordered under a different pro-
ceeding besides for the case of Article 18(7) SSM R, or to suspend the administra-
tive proceeding in case a criminal one is carried out.524 It seems, therefore, that not
even under the mild conditions currently required by the European Courts, to recog-
nize a violation of ne bis in idem, it is possible to exclude potential violations to
Article 50 CFREU in the SSM enforcement system. To this aim, however, it shall
also be reminded that—at present—potential violations of ne bis in idem could
emerge under this profile only for those States where forms of criminal liability for
legal entities have been established.525 Only subject to a reclassification of hybrid or
administrative forms of liability under the Engel case-law, it might indeed be pos-
sible to extend this consideration also to those States where sanctions for legal enti-
ties are not formally criminal.
2. The case of the SSM directly imposing punitive supervisory measures/
starting punitive proceedings to apply punitive supervisory measures for a
breach that is also considered a criminal offence in national law.—This situation
could be assimilated to the previous one; nonetheless, it is useful to examine
separately it as the punitive nature of the supervisory measures provided for by
Articles 14 and 16 appears more uncertain than that of those of Article 18 SSM
R.526 If, however, measures such as the removal of members from the manage-
ment body of credit institutions, and the withdrawal of a banking licence will be
confirmed as substantially punitive in future case-law, even only in certain
circumstances,527 the same considerations illustrated in point 1 above shall apply.
In both situations (1-2), critical appears the identification of the court before
which such transnational violations of ne bis in idem should be raised.
This could indeed represent a further implicit case in which the CJEU might have
to extend its scope of review also over national law, with all the implications
described above. However, the Court could rule on the existence of a violation to the
principle, but perhaps not—at least for cases of Article 18(1) SSM R, where it lacks
unlimited jurisdiction—on the amount of the penalty to be finally imposed to the
supervised entity.
524
The reference goes here to Article 23-sexies, § 8, Regulation (EU) No 513/2011 of 11.05. 2011
amending Regulation (EC) No 1060/2009 on credit rating agencies, and to Article 6, Council
Regulation (Ec, Euratom) No 2988/95 of 18.12.1995 on the protection of the European
Communities financial interests. Cf. on this issue, D’Ambrosio (2017), pp. 1038–1039; Tomkin
(2014), pp. 1377–1378.
525
Cf. Sect. 2.2.
526
527
Cf., e.g., Van Bockel (2015), p. 114, highlighting how “the concurrence of the withdrawal of a
license and the imposition of a fine is not necessarily problematic as long as the withdrawal of the
license (and therefore not the imposition of a fine, due to its necessarily punitive nature) forms the
immediate and foreseeable consequence of a decision sanctioning certain conduct”.
Scenario (ii)—NCAs and National Judicial Authorities
This case covers the factual scenarios in which an NCA is either imposing punitive
sanctions/starting a sanctioning punitive proceeding on less significant credit insti-
tutions, OR is imposing punitive sanctions/starting a sanctioning punitive proceed-
ing on significant credit institutions following the SSM request under Article 18(5)
SSM R, OR is instructed to apply a supervisory measure against a significant credit
institution under Article 9 SSM R, for a breach that is also considered a criminal
offence in national law.
Such situations appear similar to the cases of double-track systems examined
above, and clearly fall in the interpretative uncertainties opened at the national level
on the matter by the ECtHR after the revirement in A and B. Considerations expressed
above with regard to the existence of forms of criminal liability against legal entities
shall also apply. In these cases, issues related to the ne bis in idem could not only be
raised before national courts, but also to before the European Court of Human
Rights, at least in those States that did ratify Protocol No. 7 to the Convention.
Scenario (iii)—SSM and NCAs
At least at theoretical level, this case should not originate violations of ne bis in
idem, as the SSM Regulations allow only for a very limited risk of overlapping
competences between the ECB and the NCAs, thanks to the “significance” criterion
established by Article 6 SSM R.528 As carefully pointed out, however, “similarly to
competition law, the division of tasks and competences between the ECB and the
NCAs within the enforcement architecture of the SSM is not characterized by ‘hard’
legal formalism, but could be described as a system of regulated and centralized
cooperation between authorities”.529
Indeed, regardless of the delegation of supervisory competences to NCAs pro-
vided for by Article 6 SSM R, it is the ECB which remains the entity responsible for
the overall functioning of the system. However, contrary to competition law, penal-
ties imposed by the SSM or the NCAs “do not supposedly reflect the impact of an
infringement on affected markets, but are determined according to the subjective
gain had by a bank through the infringement”, a difference which in practice should
work “to limit the potential for ne bis in idem violations”.530
Therefore, if the coordination between SSM and NCAs works also in practice,531
potential violations of the double jeopardy clause under this profile should possibly
528
In this sense, see also Senkovic (2015), p. 101; see also above, Sect. 4.4.
529
Van Bockel (2015), p. 114.
530
Van Bockel (2015), p. 120; see also p. 104, where the author concludes that “the SSMR appears
rather ‘ne bis in idem proof’ compared to competition law as far as the penalties of Article 18(1)
are concerned”.
531
Cf. Lamandini et al (2015), p. 98, according to whom “The risk of falling within the ne bis in
idem principle, however, can be further mitigated through the development not only of a coordi-
nated investigatory practice, but also the coordinated imposition of penalties.”
be avoided, as there are no cases provided for by the SSM Regulations, where the
ECB and the NCA are entitled to both sanction the same subject(s) for the same
breach(es).
cenario (iv)—SSM or NCAs and Other Relevant Administrative National

S
Authorities or Courts
Lastly, a potential ne bis in idem issue can be identified in the interaction between
punitive penalties imposed under banking supervisory regulations—either by the
SSM (under Article 14(5), 16(2) let. m), 18(1) or partially, by 18(7) SSM R) or
NCAs (under Article 18(5) SSM R,532 or other applicable national law)—and other
administrative punitive penalties imposed by national administrative authorities or
courts.
This hypothesis is of course limited to cases in which the two forms of liability
originate from the same conduct committed by the same subject shall be considered
substantially criminal in light of the Engel criteria. This could, for instance, be the
case of punitive sanctions imposed by national authorities under resolution law (e.g.
Article 110 of BRRD533), or under AML regulations for failure to comply with dis-
closure duties required both for banking supervision, and for resolution or AML
purposes. Violation of the ne bis in idem could in these cases be raised both the
Court of Justice (if the SSM is involved), or before national courts or the ECtHR
(where the conflict remains at domestic level).
Scenario (v)—Potentially Critical Profiles Originated Within the SSM
Potential causes of non-compliance with the principle of ne bis in idem may also
arise from the (unlikely) concurrent application of more supervisory punitive penal-
ties for the same breach, and over the same legal entity, by the same SSM.
This could happen, for instance, in case the ECB is exercising both its direct
sanctioning powers under Article 18(1) SSM R, and its supervisory punitive powers,
for instance the withdrawal of the banking licence against the same entity under
Article 14(5) SSM R. Such cases, which would presumably fall under the jurisdic-
tion of the Court of Justice, can however be avoided by the SSM both ex ante,
with an adequate organization of its internal structures and decision-making
proceedings,534 and (eventually) ex post, applying the principle of proportionality in
the amount of the penalty imposed in light of the case-law of the European Courts.535
532
This hypothesis related to the NCAs is of course subject to the recognition of a criminal nature
also to the penalties provided by the specific national law, applicable under Article 18(5) SSM R.
533
Directive 2014/59/EU of 15.05.2014, cit.
534
In this sense see, e.g., Van Bockel (2015), p. 120.
535
E.g., A and B v Norway, § 132. On the proportionality principle, cf. Caianiello (2014a), p. 143.
References 271
cenario (vi)—Potentially Critical Profiles in the Identification

S
of the Subject Under Investigations
Lastly, further critical profiles on ne bis in idem may also emerge with regard to the
very targets of supervisory sanctions, that is credit institutions.
While the concurrent liability of the bank and its employees and/or CEOs does
not raise any double jeopardy issue, since they certainly represent different and
separate subjects, a far more blurred situation is that of banking groups.
In this last case, indeed, it could be possible to identify each single entity (parent
or subsidiary) as a separate subject, or to consider the group as such (including
therefore, the parent company holding the group) as a single liable subject. Only in
the first case, it would be possible for the SSM to sanction for the same fact both the
parent and one or more subsidiaries without incurring in any violation of the ne bis
in idem.
To solve this issue, it has been reasonably proposed to adopt for the ECB super-
visory sanctioning proceedings the same rule applied in competition cases.536 There,
with regard to the relations between holders of concessions belonging to the same
group, the CJEU has repeatedly affirmed that “if the undertakings form an eco-
nomic unit within which the subsidiary has no real freedom to determine its course
of action on the market”,537 the latter cannot be treated as separate culpable subjects.
If that approach would be upheld also in banking supervision, this would imply that
if a sanction is imposed on a parent company, subsidiaries shall be protected under
the double jeopardy clause against punishment for the same fact.
References
Abbadessa G (2011) Il principio di presunzione di innocenza della CEDU: profili sostanziali. In:
Manes V, Zagrebelsky V (eds) La Convenzione europea dei diritti dell’uomo nell’ordinamento
penale italiano. Giuffrè, Milano, p 381 et seq
Abrams RK, Taylor MW (2000) Issues in the unification of financial sector supervision, in IMF
Working Paper, no. 213
Abrams RK, Taylor MW (2001) Assessing the case for unified sector supervision. Paper presented
at the 2001 risk management and insurance international conference, Mimeo, New York
Adams S, Parras FJ (2013) The European stability mechanism through the legal meanderings of
Union’s constitutionalism: comment on Pringle. Eur Law Rev 6:848–865
Agarwal S, Lucca D, Seru A, Trebbi F (2014) Inconsistent regulators: evidence from banking. Q J
Econ Adv Access 129(2):889–938
Allegrezza S (2008a) L’armonizzazione della prova penale alla luce del Trattato di Lisbona, in
Cass. pen., p 3882
In this sense, see Van Bockel (2015), p. 109.

536
See, e.g., Centrafarm BV and Adriaan de Peijper v Sterling Drug Inc., Case 15-74, 31.10.1974,
537
ECLI:EU:C:1974:114, § 41; Corinne Bodson v SA Pompes funèbres des régions libérées, Case
30/87, 4.05.1988, ECLI:EU:C:1988:225, § 39.
Allegrezza S (2008b) La conoscenza degli atti nel processo penale fra ordinamento interno e
Convenzione europea dei diritti dell’uomo. In: Balsamo A, Kostoris RE (eds) Giurisprudenza
europea e processo penale italiano. Giappichelli, Torino, p 143 et seq
Allegrezza S (2017) Commento all’art. 48. In: Mastroianni R, Pollicino O, Allegrezza S, Pappalardo
Allegrezza S (ed) (2019) The enforcement dimension of the single supervisory mechanism (SSM).
The interplay between administrative and criminal law. CEDAM, Milano
Allegrezza S, Rodopoulos I (2017) Interactions between administrative and criminal law in the
context of the enforcement of bank prudential regulations. In: Franssen V, Ligeti K (eds)
Challenges in the field of economic and financial crime in Europe and the US. Hart Publishing,
Oxford, pp 233–264
Allegrezza S, Voordeckers O (2015) Investigative and sanctioning powers of the ECB in the frame-
work of the single supervisory mechanism. Mapping the complexity of a new enforcement
model. EUCRIM 4:151
Amato G (1967) Individuo e autorità nella disciplina della libertà personale. Giuffrè, Milano
Amodio E (1974) Diritto al silenzio o dovere di collaborazione?, in Riv. dir. proc., p 408
Anagnostopoulos IG (2014) The right of access to a lawyer in Europe: a long road ahead? EuCLR
4:3
Andenæs M (2015) The ECB and NCA liability within the single supervisory mechanism: fore-
word. In: Quad. Ricerca Giuridica, Banca d’Italia, 78, January 2015, pp 3–6
Andreangeli A (2008) EU competition enforcement and human rights. Edward Elgar, Cheltenham
Antoniazzi S (2013) La Banca centrale europea tra politica monetaria e vigilanza bancaria.
Giappichelli, Torino
Antoniazzi S (2015) The ECB’s banking supervision and European administrative integration:
organisation, procedures and legal acts. Ital J Public Law 2:318–369
Arons TMC (2015) Judicial protection of supervised credit institutions in the European Banking
Union. In: Busch D, Ferrarini G (eds) European Banking Union. Oxford University Press,
Oxford, p 469 et seq
Ashworth A (2008) Self-incrimination in European human rights law: a pregnant pragmatism.
Cardozo Law Rev 30(3):751–774
Athanassiou P (2011) Financial sector supervisors’ accountability: a European perspective, in
ECB Legal Working Paper Series, 12 August 2011
Balsamo A (2015) Il contenuto dei diritti fondamentali. In: Kostoris RE (ed) Manuale di procedura
penale europea, 2nd edn. Giuffrè, Milano, p 109 et seq
Balsamo A (2018) The content of fundamental rights. In: Kostoris RE (ed) Handbook of European
criminal procedure. Springer, Cham, p 99 et seq
Barth JR, Nolle DE, Phumiwasana T, Yago G (2002) A cross-country analysis of the bank supervi-
sory framework and bank performance, in OCC economic and policy analysis working paper
2002-2, September 2002
Barth JR, Caprio G, Nolle DE (2004) Comparative international characteristics of banking, in
OCC economics working paper 2004-1
Baughman SB (2011) Restoring the presumption of innocence. Ohio State Law J 72(4):768
BCBS (2012) Core principles for effective banking supervision, September 2012. https://www.bis.
org/publ/bcbs230.htm. Accessed 16 July 2018
Belluta H (2018) L’ente incolpato. Diritti fondamentali e “processo 231”. Giappichelli, Torino
Black J (2002) Critical reflections on regulation. Centre for Analysis of Risk and Regulation at the
London School of Economics and Political Science, London
Black J (2005) Proceduralisation and polycentric regulation, Especial 1 DIREITO GV L. REv,
p 99
Black J (2008) Forms and paradoxes of principles based regulation. LSE Law, Society and
Black J (2010) The rise, fall and fate of priniciple based regulation. LSE Law, Society and
References 273
Black J (2012) Paradoxes and failures: ‘New Governance’ techniques and the financial crisis. Mod
Law Rev 75(6):1037–1063
Black J (2013) Seeing, knowing, and regulating financial markets: moving the cognitive framework
from the economic to the social. LSE Law, Society and Economy Working Papers 24/2013
Bohlander M (2012) Principles of German criminal procedure. Hart Publishing, Oxford
Bontempelli M (2009) L’accertamento amministrativo nel sistema processuale penale. Giuffrè,
Milano
Brescia Morra C (2016) The administrative and judicial review of decisions of the ECB in the
supervisory field, in AA.VV., Scritti sull’Unione Bancaria, in Quad. Ricerca Giuridica, Banca
d’Italia, 81:105
Brescia Morra C, Smits R, Magliari A (2017) The administrative board of review of the European
Central Bank: experience after 2 years. Eur Bus Org Law Rev 18:567–589
Briault C (1999) The rationale for a single national financial services regulator, in Financial ser-
vices authority occasional paper, series 2
Brodowski D (2011) Judicial cooperation between the EU and non-member states. New J Eur
Crim Law 2(1):21–44
Bronckers M, Vallery A (2011) No longer presumed guilty? The impact of fundamental rights on
certain dogmas of EU competition law. World Compet 4:535
Bubula FA (2013) La Direttiva 2013/48/UE sul diritto al difensore e a comunicare con terzi e
autorità consolari in caso di privazione della libertà personale. Alcune note a prima lettura, in
Dir. pen. cont., 29 novembre 2013
Caianiello M (2014a) Il principio di proporzionalità nel processo penale, in Riv. Trim. Dir. pen.
cont., 3-4:143
Caianiello M (2014b) To sanction (or not to sanction) procedural flaws at EU level? A step forward
in the creation of an EU criminal process. Eur J Crime Crim Law Crim Justice 22(4):317
Caianiello M (2017) Commento all’art. 47 (in materia penale). In: Mastroianni R, Pollicino O,
Allegrezza S, Pappalardo F, Razzolini O (eds) Carta dei diritti fondamentali dell’Unione euro-
pea. Giuffrè, Milano, p 902
Caianiello M (2019) Access to and limits on Evidence Dossiers in civil law systems. In: Brown
DK, Turner JI, Weisser B (eds) The Oxford handbook of criminal process. Oxford University
Press, New York
Caianiello M, Di Pietro A (eds) (2016) Indagini penali e amministrative in materia di frodi IVA
Cacucci, Bari
Calzado JR, De Stefano G (2012) Rights of defence in cartel proceeding. Some ideas for manage-
able improvements. In: Cardonnel P, Rosas A, Wahl N (eds) Constitutionalising the EU judicial
system. Essay in Honour of Pernilla Lindh. Hart Publishing, Oxford, pp 423–427
Camaldo L (2016) Presunzione di innocenza e diritto di partecipare al giudizio: due garanzie
fondamentali del giusto processo in un’unica Direttiva dell’Unione europea, in Dir. pen. cont.,
23 marzo 2016
Canestrini N (2016) La direttiva sul rafforzamento di alcuni aspetti della presunzione di innocenza
e del diritti di presenziare al processo nei procedimenti penali, in Cass. pen., p 2224
Cape E, Hodgson J (2014) The right to access to a lawyer at police stations. Making the European
Union directive work in practice. New J Eur Crim Law 5(4):450
Cape E, Namoradze N, Smith R, Spronken T (2010) Effective criminal defence in Europe.
Intersentia, Cambridge
Cappiello S (2015) The EBA and the Banking Union. Eur Bus Org Law Rev 16:421–437
Castellano GG, Jeunemaitre A, Lange B (2012) Reforming European union financial regulation:
thinking through governance models. Eur Bus Law Rev 23:409–414
Castillo De La Torre F (2009) Evidence, proof and judicial review in cartel cases. World Compet
4:505
Caterini M (2015) Dalla presunta innocenza dell’imputato alla presunta efficienza del sistema
penale. Politica del diritto 1:13
Centamore G (2016) Il diritto al difensore nel procedimenti di esecuzione del mandato d’arresto
europeo nella direttiva 2013/48/UE: osservazioni generali e aspetti problematici, in Dir. pen.
cont., 14 gennaio 2016
Chenal R, Tamietti A (2012) sub art. 6. In: Bartole S, De Sena P, Zagrebelsky V (eds) Commentario
breve alla Convenzione europea per la salvaguardia dei diritti dell’uomo e delle libertà fonda-
mentali. CEDAM, Padova, p 172 et seq
Chiavario M (2001) Diritto ad un processo equo. In: Bartole S, Conforti B, Raimondi G (eds)
Commentario alla Convenzione europea per la tutela dei diritti dell’uomo e delle libertà fonda-
mentali. CEDAM, Padova, p 154
Chirulli P, De Lucia L (2015) Specialised adjudication in EU administrative law: the Boards of
Appeal of EU agencies. Eur Law Rev 6:832
Chiu IH-Y (2016) Power and accountability in the EU financial regulatory architecture: exam-
ining inter-agency relations, agency independence and accountability. In: Andenæs M,
Deipenbrock G (eds) Regulating and supervising European Financial Markets. More risks
than achievements. Springer, Heidelberg, p 67 et seq
Ciampi S (2012) La direttiva del Parlamento e del Consiglio sul diritto all’informazione nei pro-
cedimenti penali. Note a margine della direttiva 2012/13/UE, in Dir. pen. cont., 27 June 2012
Colliard JE (2014) Monitoring the supervisors: optimal regulatory architecture in a bank-
ing union. SSRN Working Paper No. 2274164. https://papers.ssrn.com/sol3/papers.
cfm?abstract_id=2274164
Consolo C (2017) Commento all’art. 47 (diritto processuale civile). In: Mastroianni R, Pollicino
O, Allegrezza S, Pappalardo F, Razzolini O (eds) Carta dei diritti fondamentali dell’Unione
europea. Giuffrè, Milano, p 883 et seq
Covolo V (2015) L’émergence d’un droit penal en réseau. Analyse critique du système européen
de lutte antifraude. Nomos, Baden-Baden
Craig P (2014) sub art. 41. In: Peers S, Hervey TK, Kenner J, Ward A (eds) The EU charter of
Cras S, Erbežnik A (2016) The directive on the presumption of innocence and the right to be pres-
ent at trial. EUCRIM 1:25
D’Ambrosio R (2013) Due process and safeguards of the persons subject to SSM supervisory and
sanctioning proceedings, in Quad. Ricerca Giuridica, Banca d’Italia, 74, dicembre 2013
D’Ambrosio R (2015) The ECB and NCA liability within the single supervisory mechanism, in in
Quad. Ricerca Giuridica, Banca d’Italia, 78
D’Ambrosio R (2016) The Single Supervisory Mechanism (SSM): selected institutional aspects
and liability issues. In: Andenæs M, Deipenbrock G (eds) Regulating and supervising European
financial markets. More risks than achievements. Springer, Heidelberg, p 299 et seq
D’Ambrosio R (2017) Commento all’art. 50. In: Mastroianni R, Pollicino O, Allegrezza S,
De Moor Van Vugt A (2012) Administrative sanctions in EU law. Rev Eur Adm Law 5(1):5–41.
Spring 2012
Di Federico G (2013) Deusche Bahn: what the commission can and cannot do in dawn raids. J Eur
Compet Law Pract 5(1):29–31
Di Federico G, Di Chiara G (1994) Cooperazione tra Stati ed assunzione della prova nel territorio
straniero. Lo Scarabeo, Milano
Dominioni O (1991) sub art. 27, comma 2. In: Branca G, Pizzorusso A (eds) Commentario della
Costituzione. Art. 27-28. Rapporti Civili. Zanichelli, Bologna, p 194 et seq
Doorenbos DR (2007) Naming & shaming, in Serie Onderneming en Recht, deel 38:88
Duijkersloot T, Karagianni A, Kraaijeveld R (2017) Political and judicial accountability in the EU
shared system of banking supervision and enforcement. In: Scholten M, Luchtman M (eds)
Law enforcement by EU authorities. Edward Elgar, Cheltenham, p 28 et seq
Ðurðević Z (2016) The directive on the right of access to a lawyer in criminal proceedings: filling
a human rights gap in the European Union legal order. In: Ðurðević Z, Karas I (eds) European
References 275
criminal procedure law in service of protection of European Union financial interests: state
of play and challenges. Croatian Association of European Criminal Law, Zagreb, p 19 et seq
pervision.europa.eu/press/publications/annual-report/pdf/ssm.ar2016.en.pdf?a679777c56323e
d778fc4734ee3667fb. Accessed 16 July 2018
pervision.europa.eu/press/publications/annual-report/pdf/ssm.ar2017.en.pdf?63a120afab30be
18171c083089709229. Accessed 16 July 2018
ECB (2019) Annual report on supervisory activities 2018, 21 March 2019. https://www.bank-
ingsupervision.europa.eu/press/publications/annual-report/html/ssm.ar2018~927cb99de4.
en.html. Accessed 3 June 2019
ECB Monthly Bulletin (2012) Comparing the recent financial crisis in the United States and the
Euro Area with the experience of Japan in the 1990s, May 2012
ECJ (2016) Annual Report 2016. Judicial activity. https://curia.europa.eu/jcms/upload/docs/appli-
cation/pdf/2017-03/ra_jur_2016_en_web.pdf. Accessed 16 July 2018
Elderson F, Weenink H (2003) The European Central Bank redefined? A landmark judgment of the
European Court of Justice. Euredia:273–301
European Commission (2012) Antitrust manual of procedure. http://ec.europa.eu/competition/
antitrust/antitrust_manproc_3_2012_en.pdf. Accessed 16 July 2018
European Court of Auditors (2016) Special Report No. 29, Single supervisory mechanism - good
start but further improvements needed, 18 November 2016
Ferguson C (written by) (2010) Inside job - transcript, Sony Pictures, September 2010. https://
www.sonyclassics.com/awards-information/insidejob_screenplay.pdf. Accessed 17 July 2018
Fernandez-Bollo É (2015) Coexistence of national and European Regulations with regard to the
Ne Bis In Idem principle. In ECB Legal Conference 2015. From Monetary Union to Banking
Union, on the way to Capital Markets Union. New opportunities for European integration, 1–2
September 2015. https://publications.europa.eu/en/publication-detail/-/publication/5b46b780-
3703-11e7-a08e-01aa75ed71a1/language-en. Accessed 16 July 2018, p 143
Ferran E (2012a) Understanding the new institutional acrhitecture of EU financial market super-
vision. In: Wymeersch E, Hopt KJ, Ferrarini G (eds) Financial regulation and supervision. A
post-crisis analysis. Oxford University Press, Oxford, p 111 et seq
Ferran E (2012b) Crisis-driven regulatory reform: where in the world is the EU going? In: Ferran
E, Moloney N, Hill JG, Coffee JC Jr (eds) The regulatory aftermath of the global financial
crisis. Cambridge University Press, New York, p 1 et seq
Ferrua P (2015) La prova nel processo penale. Volume I. Struttura e procedimento. Giappichelli,
Torino
FinCEN (2014) News Release, J.P. Morgan Admits Violation of the Bank Secrecy Act for Failed
Madoff Oversight; Fined $461 Million by FinCEN. January 7th 2014. https://www.fincen.gov/
news/news-releases/jpmorgan-admits-violation-bank-secrecy-act-failed-madoff-oversight-
fined-461. Accessed 16 July 2018
Flore D (2014) Droit Pénal Européen. Les enjeux d’une justice pénale européenne. Larcier,
Bruxelles
FSOC (2011) 2011 Annual Report, October 2012. https://www.treasury.gov/initiatives/fsoc/
Documents/2012%20Annual%20Report.pdf. Accessed 16 July 2018
Garofoli V (1998) Presunzione d’innocenza e considerazione di non colpevolezza. La fungibilità
delle due formulazioni, in Riv. it. dir. proc. pen., p 1168
Gialuz M (2008) sub art. 27, comma 2. In: Beartole S, Bin R (eds) Commentario breve alla
Costituzione, 2nd edn. CEDAM, Padova, p 273 et seq
Gialuz M (2014) L’assistenza linguistica nella prassi giudiziaria e la difficile attuazione della
Direttiva 2010/64/UE. In: Falbo C, Viezzi M (eds) Traduzione e interpretazione per la società
e le istituzioni. EUT Edizioni Università di Trieste, Trieste
Giddy IH (1994) Who should be the banking supervisors. Paper presented at the Seminar on
Current Legal Issues Affecting Central Banks, IMF, May 10, 1994
Gless S (2013) Transnational cooperation in criminal matters and the guarantee of a fair trial:
approaches to a general principle. Utrecht Law Rev 9:90–108
Goldstein T (1979) In rare attack, Justice Marshall says Court Erred, in NYT, May 28, 1979
Goodhart C (2000) The organisational structure of banking supervision. In: FSI Occasional Papers,
no 1, November 2000, 10, 25
Goodhart C (2002) The organizational structure of banking supervision. Econ Notes 31(1):1–32,
draft paper, Financial Markets Group, London School of Economics, London
Goodhart C, Schoenmaker D (1993) Institutional separation between supervisory and monetary
agencies, in Special Paper No. 52, London School of Economics Financial Markets Group,
London
Goodhart C, Schoenmaker D (1995) Should the functions of monetary policy and banking supervi-
sion be separated? Oxford Econ Papers 47:539–560
Gortsos CV (2016) The role of the European Banking Authority (EBA) after the establishment of
the Single Supervisory Mechanism (SSM). In: Andenæs M, Deipenbrock G (eds) Regulating
and supervising European financial markets. More risks than achievements. Springer,
Heidelberg, p 277 et seq
Granner G, Raschauer N (2014) Unschuldsvermutung und Verteidigungsrechte. In: Holoubek M,
Lienbacher G (eds) GRC Kommentar. Charta der Grundrechte der Europäischen Union. Manz,
Wien, p 655 et seq
Grevi V (1972) Nemo tenetur se detegere: interrogatorio dell'imputato e diritto al silenzio nel
penale italiano. Giuffrè, Milano
Grevi V (1976) Libertà personale dell’imputato e costituzione. Giuffrè, Milano
Harris DJ, O’Boyle M, Beates EP, Buckley M (2014) Law of the European Convention on Human
Rights, 3rd edn. Oxford University Press, Oxford
Haubrich JG (1996) Combining bank supervision and monetary policy, in Economic Commentary,
Federal Reserve Bank of Cleveland, November, 1996
Helmholz HR, Gray CM, Langbein JH, Moglen E, Smitz HE, Alschuler AW (1997) The privilege
against self-incrimination: its origins and development. University of Chicago Press, Chicago
House of Lords (2013) European Union Committee, Workload of the Court of Justice of the
European Union: Follow-Up Report, 29 April 2013, London
Illuminati G (1979) La presunzione d’innocenza dell'imputato. Zanichelli, Bologna
Illuminati G (1991) (voce) Presunzione di non colpevolezza. Enc giur Treccani XXIV:22 et seq
International Monetary Fund (2001) International capital markets, August 2001. https://www.imf.
org/external/pubs/ft/icm/2001/01/eng/index.htm. Accessed 17 July 2018
Ioannidou VP (2002) Does monetary policy affect the Central Bank’s role in bank supervision.
Paper presented at the 38th Annual Conference on Bank Structure and Competition, Federal
Reserve Bank of Chicago, May 8–10 2002
Jackson H (2007) Variations in the intensity of financial regulation: preliminary evidence and
potential implications. Yale J Regul 24:253
Jones A (2012) The boundaries of an undertaking in EU competition law. Eur Compet
J 8(2):301–331
Jones A, Sufrin B (2016) EU competition law. Text, cases, and materials, 6th edn. Oxford
Kane EJ (1984) Regulatory structure in futures markets: jurisdictional competition between the
SEC, the CFTC, and other agencies. J Futur Mark 4:367–384
Kane EJ (1996) De Jure Interstate Banking: why only now? J Money Credit Banking 28:141–161
Kern A (2016) The ECB and banking supervision: does single supervisory mechanism provide an
effective regulatory framework? In: Andenæs M, Deipenbrock G (eds) Regulating and super-
vising European financial markets. More risks than achievements. Springer, Heidelberg, p 253
et seq
Klip A, Vervaele JAE (2002) European cooperation between tax, customs and judicial authorities:
the Netherlands, England, and Wales, France and Germany. Kluwer Law International, The
Hague
References 277
Kornezov A (2016) The application of national law by the ECB – a maze of (un)answered ques-
tions. In ECB Legal Conference 2016. 6–7 October 2016. https://www.ecb.europa.eu/pub/pdf/
other/escblegalconference2016_201702.en.pdf. Accessed 16 July 2018, p 270
Kostoris RE (2017) Manuale di procedura penale europea, 2nd edn. Giuffrè, Milano
Kupiec PH, White AP (1996) Regulatory competition and the efficiency of alternative derivative
product margining systems, finance and economics discussion series, in Board of Governors of
the Federal Reserve System, no 96-11, June 1996
Lamandini M (2015) Limitations on supervisory powers based upon fundamental rights and SSM
distribution of enforcement competences. In ECB Legal Conference 2015. From Monetary
Union to Banking Union, on the way to Capital Markets Union. New opportunities for
European integration, 1–2 September 2015. https://publications.europa.eu/en/publication-
detail/-/publication/5b46b780-3703-11e7-a08e-01aa75ed71a1/language-en. Accessed 16 July
2018, p 121
Lamberigts S (2016a) The directive on the presumption of innocence. A missed opportunity for
legal persons? EUCRIM 1:36
Lamberigts S (2016b) The presumption of innocence (and the Right to be Present at Trial) direc-
tive, in European Law Blog, 3 May 2016. https://europeanlawblog.eu/2016/05/03/the-pre-
sumption-of-innocence-and-the-right-to-be-present-at-trial-directive/. Accessed 17 July 2018
Lambrakopoulos SE, Baker NA, Flinn ME (2017) Satisfying the banking regulators’ “Right to
Know” while maintaining confidentiality of privileged material: the privileges and protections
available to banking institutions. J Tax Regul Financ Inst 30(3):5–15
Lasagni G (2019) Investigatory, supervisory and sanctioning powers within the SSM. In: Allegrezza
S (ed) The enforcement dimension of the single supervisory mechanism (SSM). The interplay
between administrative and criminal law. CEDAM, Milano
Lenaerts K, Maselis I, Gutman K (eds) (2014) EU procedural law. OUP, Oxford
Levitt M (1997) Access to the file: the Commission’s Administrative Procedures in Cases under
Articles 85 and 86. Common Mark Law Rev:1424
Ligeti K, Robinson G (2017) Transversal report on judicial protection. In: Luchtman M, Vervaele
JAE (eds) (2017) Report. Investigatory powers and procedural safeguards: Improving OLAF’s
legislative framework through a comparison with other EU law enforcement authorities (ECN/
ESMA/ECB). https://dspace.library.uu.nl/handle/1874/352061. Accessed 15 July 2018, p 219
Lippke RL (2016) Taming the presumption of innocence. Oxford Scholarship Online, Oxford
Llewellyn DT (1999) Introduction: the institutional structure of regulatory agencies. In: Courtis
N (ed) How countries supervise their banks, insurers, and securities markets. Central Bank
Publications, London, pp xi–xix
Looseveld S (2013a) Appeals against decisions of the European supervisory authorities. J Int Bank
Law Regul 1:9–13
Looseveld S (2013b) The ECB’s investigatory and sanctioning powers under the future single
supervisory mechanism. J Int Bank Law Regul 1:422–425
Lupária L (2017) Commento all’art. 48. In: Mastroianni R, Pollicino O, Allegrezza S, Pappalardo
et seq
Magliari A (2015) Il Single Supervisory Mechanism e l’applicazione dei diritti nazionali da
parte della banca centrale europea, in Riv. Ital. Dir. Pubbl. Comunitario, Anno XXV Fasc.
5:1349–1379
Manacorda S (2013) Dalle Carte dei diritti a un diritto penale à la carte. Note a margine delle sen-
tenze Fransson e Melloni della Corte di Giustizia, in Riv. Trim. Dir. pen. cont., 3:242
Manes V (2012) sub art. 7 § 1. In: Bartole S, De Sena P, Zagrebelsky V (eds) Commentario breve
alla Convenzione europea per la salvaguardia dei diritti dell’uomo e delle libertà fondamentali.
CEDAM, Padova, p 258 et seq
Mangiaracina A (2004) Verso nuove forme di cooperazione giudiziaria, in Cass. pen., p 2194
Mangiaracina A (2010) Garanzie partecipative e giudizio in absentia. Giappichelli, Torino
Marzaduri E (2010) Considerazioni sul significato dell’art. 27, comma 2, Cost.: regola di tratta-
mento e regola di giudizio. In: Dinacci FR (ed) Processo penale e costituzione. Giuffrè, Milano,
p 308 et seq
Masciandaro D, Nieto MJ (2014) Governance of the single supervisory mechanism: some reflec-
tions. BAFFI Center Research Paper Series No. 2014-149
Mastroianni R, Pezza A (2014) Access of individuals to the European court of justice of The
European Union under the new text of Article 263, para 4, TFEU, in Riv. it. dir. pub. comuni-
tario, 5:947
Mazza O (2014) Presunzione d’innocenza e diritto di difesa, in Dir. pen. e proc., p 1401
Meister E (2019) How should regulatory and supervisory responsibilities be shared among the
National Functional Regulators?, lecture held at the Multinational Banking Seminar, New York,
June 9, 2001. https://www.bis.org/review/r010613d.pdf. Accessed 17 July 2018
Melícias MJ (2012) “Did They Do It?” The interplay between the standard of proof and the pre-
sumption of innocence in EU cartel investigation. World Compet 3:471
Mitsilegas V (2016) EU criminal law after Lisbon. Rights, trust and the transformation of justice
in Europe. Hart Publishing, Oxford
Moloney N (2012a) Supervision in the wake of the financial crisis: achieving effective “Law in
Action” – a challenge for the EU. In: Wymeersch E, Hopt KJ, Ferrarini G (eds) Financial
regulation and supervision. A post-crisis analysis. Oxford University Press, Oxford, p 71 et seq
Moloney N (2012b) The legacy effect of the financial crisis on regulatory design in the EU. In:
Ferran E, Moloney N, Hill JG, Coffee JC Jr (eds) The regulatory aftermath of the global finan-
cial crisis. Cambridge University Press, New York, p 111 et seq
Mosna A (2017) Commento all’art. 48. In: Mastroianni R, Pollicino O, Allegrezza S, Pappalardo
et seq
Myers RE II (2011) Complex time don’t call for complex crimes. NCL Rev 89:1849
Negri D (2015) Il processo nei confronti dell’imputato “assente” al tortuoso crocevia tra svolgi-
mento e sospensione. In: Daniele M, Paulesu PP (eds) Strategie di deflazione penale e rimodu-
lazioni del giudizio in absentia. Giappichelli, Torino, p 197 et seq
Nehl HP (2014) sub art. 48 (Administrative Law). In: Peers S, Hervey TK, Kenner J, Ward A (eds)
The EU charter of fundamental rights. Hart Publishing, Oxford, p 1277 et seq
Neruda R, Barinka R (2015) Delta Pekarny v Czech Republic: European court of human rights on
dawn raids and prior judicial national authorization. J Eur Compet Law Pract 6(6):411–413
O’Boyle M (2000) Freedom from self-incrimination and the right to silence: a Pandora’s Box? In:
Mahoney P, Matscher F, Petzold H, Wildhaber L (eds) Protecting human rights: the European
perspective, studies in memory of Rolv Ryssdal. Carl Heymans, Cologne, p 1021 et seq
O’Connel D (2006) sub art. 48. In: AA.VV (ed) Commentary of the Charter of fundamental
rights of the European Union. EU Network of Independent Experts on Fundamental Rights,
Bruxellses, p 372 et seq
OCC (2008) A guide to the National Banking System, April 2008. https://www.occ.treas.gov/pub-
lications/publications-by-type/other-publications-reports/nbguide.pdf. Accessed 17 July 2018
Oliver P (2015) Companies and their fundamental rights: a comparative perspective. Int Comp
Law Q 64:685
Onado M (1997) L’evoluzione della vigilanza in campo finanziario: dalla ripartizione per soggetti
alla ripartizione per finalità, in Diritto ed economia, p 145
Orlandi R (1992) Atti e informazioni della autorità amministrativa nel processo penale. Contributo
allo studio delle prove extracostituite. Giuffrè, Milano
References 279
Padoa Schioppa T (2002) EU structures for financial regulation, supervision and stability, Brussels,
ECB Speech, 10 July 2002. https://www.ecb.europa.eu/press/key/date/2002/html/sp020710.
en.html. Accessed 8 Apr 2019
Panzavolta M (2013) Choice of forum and the lawful judge concept. In: Luchtman M (ed) Choice
of forum in cooperation against EU financial crime. Eleven International Publishing, The
Hague
Paulesu PP (2009) La presunzione di non colpevolezza dell’imputato. Giappichelli, Torino
Pech L (2014) sub Article 47. In: Peers S, Hervey TK, Kenner J, Ward A (eds) The EU charter of
Pfaeltzer JJW (2014) Naming and shaming in financial market regulations: a violation of the pre-
sumption of innocence? Utrecht Law Rev 10(1):134–148
Piva P (2017) Commento all’art. 41. In: Mastroianni R, Pollicino O, Allegrezza S, Pappalardo F,
Razzolini O (eds) Carta dei diritti fondamentali dell’Unione europea. Giuffrè, Milano, p 754
et seq
Pulitanò D (1999) Nemo tenetur se detegere: quali profili di diritto sostanziale?, in Riv. it. dir. e
proc. pen., p 1271
Quattrocolo S (2015) The right to information in EU legislation. In: Ruggeri S (ed) Human rights
in European criminal law new developments in European legislation and case law after the
Lisbon Treaty. Springer, Heidelberg, p 85 et seq
Quintard-Morénas F (2010) The presumption of innocence in the French and Anglo-American
legal traditions. Am J Comp Law LVIII(1):107–150
Rabinovici I (2012) The right to be heard in the charter of fundamental rights of the European
Union. Eur Public Law 18(1):149–173
Rafaraci T (2007) Lo spazio di libertà, sicurezza e giustizia nel crogiuolo della costruzione euro-
pea. In: Rafaraci T (ed) L’Area di Libertà, Sicurezza e Giustizia: alla ricerca di un equilibrio fra
priorità repressive ed esigenze di garanzia. Giuffrè, Milano, p 5 et seq
Riso AL (2014) The power of the ECB to impose sanctions in the context of the SSM, in Bančni
vestnik, Letnik 63, Številka 4:32–35
Romano R (2001) The need for competition in international securities regulation, in Yale
International Center for Finance. John M. Olin Center for Studies in Law, Economics, and
Public Policy Working Papers, 258
Ruggeri S (2015) Transnational prosecutions, methods of obtaining overseas evidence, human
rights protection in Europe. In: Ruggeri S (ed) Human rights in European criminal law
new developments in European legislation and case law after the Lisbon Treaty. Springer,
Heidelberg, pp 147–197
Sarkany Z (2012) International financial supervisory convergence: how much should there be?
How best to assess the appropriate level of cross border supervision and enforcement? In:
SSRN. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2201439. Accessed 11 Apr 2019
Sayers D (2014) sub art. 48 (Criminal law). In: Peers S, Hervey TK, Kenner J, Ward A (eds) The
EU charter of fundamental rights. Hart Publishing, Oxford, p 1303 et seq
Sayers D (2015) The new directive on the presumption of innocence: protecting the “Golden
Thread”, in EU Law Analysis, 15 November 2015. http://analysis1921.rssing.com/chan-
30137355/all_p12.html#item223. Accessed 17 July 2018
Scarparone M (1995) Obbligo di autoincriminazione del fallito, in Giur. cost., p 2182
SEC (2017) Division of enforcement, enforcement manual, Office of Chief Counsel, November
28, 2017. https://www.sec.gov/divisions/enforce/enforcementmanual.pdf. Accessed 16 July
2018
Senkovic P (2015) Introduction to Panel 3, The coexistence of National and EU Law and The
Ne Bis In Idem Principle with a Focus on the Supervisory Powers of The European Central
Bank. In ECB Legal Conference 2015. From Monetary Union to Banking Union, on the way
to Capital Markets Union. New opportunities for European integration, 1–2 September 2015.
https://publications.europa.eu/en/publication-detail/-/publication/5b46b780-3703-11e7-a08e-
01aa75ed71a1/language-en. Accessed 16 July 2018, p 100
Shapiro M (1997) The problems of independent agencies in the United States and the European
Union. J Eur Public Policy 4(5):276–291
Slater D, Thomas S, Waelbroeck D (2008) Proceedings before the European Commission and
the right to a fair trial: no need for reform?, in Research Papers in Law, Cahiers juridiques,
No 5. https://www.coleurope.eu/system/files_force/research-paper/researchpaper5_2008.
pdf?download=1. Accessed 17 July 2018
Steene A (2016) Nexans, Deutsche Bahn, and the ECJ’s refusal to follow ECHR case law on dawn
raids. J Eur Compet Law Pract 7(3):180–193
Stewart JB (2011) As a Watchdog Starves, Wall Street is tossed a Bone, in NYT, July 15,
2011. https://archive.nytimes.com/query.nytimes.com/gst/fullpage-9B06E5DB1E3D-
F935A25754C0A9679D8B63.html. Accessed 17 July 2018
Stumer A (2010) The presumption of innocence. Evidential and human rights perspectives. Hart
Publishing, Oxford
Symeonidou-Kastanidou E (2015) The right of access to a lawyer in criminal proceedings: the
transposition of the Directive 2013/48/EU of 22 October 2013 on national legislation. EuCLR
1:68
Taylor M (1995) Twin peaks: a regulatory structure for the new century. Centre for the Study of
Financial Innovation, London
Ter Kuile G, Wissink L, Bovenschen W (2015) Tailor-made accountability within the single super-
visory mechanism. Common Mark Law Rev 52:155–190
Tesoriero S (2016) Processo penale e prova multidisciplinare europea in materia di illeciti finanzi-
ari, in Riv. dir. proc., Novembre-Dicembre 2016, Anno LXXI (Seconda Serie) N. 6:1526–1547
Tomkin J (2014) sub Article 50. In: Peers S, Hervey TK, Kenner J, Ward A (eds) The EU charter
of fundamental rights. Hart Publishing, Oxford, p 1373 et seq
Traverso F (1997) La circolazione probatoria, in Dir. proc. pen., p 987
Trechsel S (2005) Human rights in criminal proceedings. Oxford University Press, Oxford
U.S. Department of the Treasury (2014) U.S. Department of the Treasury -FinCEN in the mat-
ter of: Number 2014-1 J.P. Morgan Chase Bank, N.A., Columbus, OH, Assessment of Civil
Money Penalty. https://www.fincen.gov/sites/default/files/enforcement_action/JPMorgan_
ASSESSMENT_01072014.pdf. Accessed 16 July 2018
U.S. Senate Permanent Subcommittee on Investigations (2010a) Wall Street and the financial cri-
sis: the role of high risk home loan, S.Hrg. 111-671, April 13, 2010. https://catalog.princeton.
edu/catalog/6432027. Accessed 16 July 2018
U.S. Senate Permanent Subcommittee on Investigations (2010b) Wall Street and the financial cri-
sis: role of the regulators, S.Hrg. 111-672, April 16, 2010. https://catalog.princeton.edu/cata-
log/6432020. Accessed 16 July 2018
U.S. Senate Permanent Subcommittee on Investigations (2011) Wall Street and the financial cri-
sis: anatomy of a financial collapse, April 13, 2011. https://www.gpo.gov/fdsys/pkg/CHRG-
Ubertis G (2009) Principi di procedura penale europea. Le regole del giusto processo, 2nd edn.
Raffaello Cortina Editore, Milano
Ubertis G (2017) Sistema di procedura penale, I. Principi generali, 4th edn. Giuffrè, Milano
Van Bockel B (2015) Fundamental rights aspects of the single supervisory mechanism: differenti-
ated standards of protection under the charter of fundamental rights of the EU. In ECB Legal
Conference 2015. From Monetary Union to Banking Union, on the way to Capital Markets
Union. New opportunities for European integration, 1–2 September 2015. https://publications.
europa.eu/en/publication-detail/-/publication/5b46b780-3703-11e7-a08e-01aa75ed71a1/lan-
guage-en. Accessed 16 July 2018, p 103
Van Dijk P (2006) Right to a fair trial and public hearing (article 6). In: van Dijk P, van Hoof F, van
Rijn A, Zwaak L (eds) Theory and practice of the European Convention on Human Rights, 4th
edn. Intersentia, Cambridge, pp 513–577
References 281
Van Kempen PH (2011) The recognition of legal persons in international human rights instru-
ments: protection against and through criminal justice. In: Pieth M, Ivory R (eds) Corporate
criminal liability – emergence, convergence and risk. Springer, Dordrecht, p 373
Van Overbeek W (1994) The right to remain silent in competition investigations: the Funke deci-
sion of the court of human rights makes revision of the ECJ’s case law necessary. Eur Compet
Law Rev 15:127–133
Veenbrink M (2015) The privilege against self-incrimination in EU competition law: a deafening
silence? Leg Issues Econ Integrat 42(2):119–142
Vella F (2002) Banca centrale europea, banche centrali nazionali e vigilanza bancaria: verso un
nuovo assetto dei controlli nell’area euro?, in Banca, borsa, tit. cred., p 150
Vervaele JAE (2014) European criminal justice in the Post-Lisbon area of freedom, security
and justice, with a prologue by G. Fornasari and D. Sartori (eds.) Quaderni della Facoltà di
Giurisprudenza, Trento
Vervaele JAE (2017) Jurisdictional issues in transnational multi-agency and multi-disciplinary
investigations of economic and financial crimes. In: Franssen V, Ligeti K (eds) Challenges in
the field of economic and financial crime in Europe and the US. Hart Publishing, Oxford, p 167
Viering M (2006) Right to a fair trial and public hearing. In: van Dijk P, van Hoof F, van Rijn A,
Zwaak L (eds) Theory and practice of the European Convention on Human Rights, 4th edn.
Intersentia, Cambridge, pp 578–649
Vogler R (2015) Lost in translation: language rights for defendants in European criminal proceed-
ings. In: Ruggeri S (ed) Human rights in European criminal law new developments in European
legislation and case law after the Lisbon Treaty. Springer, Heidelberg, pp 95–109
Voordeckers O (2019) Administrative and judicial review of supervisory acts and decisions under
the SSM. In: Allegrezza S (ed) The enforcement dimension of the single supervisory mecha-
nism (SSM). The interplay between administrative and criminal law. CEDAM, Milano
Wall LD, Eisenbeis RA (2000) Financial regulatory structure and the resolution of conflicting
goals. J Financ Serv Res 17(1):223–245
Weigend T (2014) Assuming that the defendant is not guilty: the presumption of innocence in the
German system of criminal justice. Crim Law Philos 8:285
Whalen G (2001) Key issues in consolidated supervision by the Central Bank, draft paper, Office
of the Comptroller of the Currency, December 2001. Mimeo, New York
Willis PR (2001) “You have the right to remain silent…”, or do you? The privilege against self-
incrimnation following Mannesmannröhren-Werke and other recent decisions. Eur Compet
Law Rev 22:313–321
Wissink L, Duijkersloot T, Widdershoven R (2014) Shifts in competences between Member States
and the EU in the new supervisory system, for credit institutions and their consequences for
judicial protection. Utrecht Law Rev 10(5):92
Witte A (2015) Standing and judicial review in the new EU financial markets architecture. J Financ
Regul 1:226–262
Wolfers B, Voland T (2014) Level the playing field: the new supervision of credit institutions by
the European Central Bank. Common Mark Law Rev 51:1463–1496
Wymeersch E (2007) The structure of financial supervision in Europe. About single, twin peaks
and multiple financial supervisors. Eur Bus Organ Law Rev 8(2):237–306
Zilioli C, Selmayr M (2001) The law of the European Central Bank. Hart Publishing, Oxford
Zwaak L (2006) General survey of the European Convention. In: van Dijk P, van Hoof F, van Rijn
A, Zwaak L (eds) Theory and practice of the European Convention on Human Rights, 4th edn.
Intersentia, Cambridge, pp 2–89
Part III
Banking Criminal Investigations
Chapter 7
Real-Time Monitoring of Banking Data:
State of Play
If banking supervision in Europe stretches the boundaries of criminal investiga-

tions, defying the very definition of substantive criminal matter, and the content of
the safeguards protecting the individuals’ fundamental rights, a non-less challeng-
ing element to criminal banking investigations (and to criminal proceedings in gen-
eral) is represented today by the potential of real-time monitoring or surveillance
investigative techniques.
For the purpose of this work, the terms “real-time monitoring” and “surveil-
lance” are used as synonyms to refer, in light of the case-law of the Court in
Strasbourg,1 to the possibility of observing and recording or collecting data as soon
as (or immediately after) they come into existence (as opposed to gathering already
stored data). This special investigative technique, which may notably impact the
private sphere of individuals and, accordingly, the fairness of criminal proceedings
grounded on the information so collected, is here analysed with specific regard to
banking data or records,2 although its potential extends well beyond the remit of
financial crime.3
To provide a bases for the subsequent critical legal analysis and proposals, this
Chapter proceeds as follows: Sect. 7.1 identifies the categories of banking investiga-
tive techniques, and illustrates how secrecy law, once possibly “the” obstacle in
1
Cf., e.g., Harris et al. (2014), p. 555 et seq, and the cases-law there cited. The analysis of the
impact of the ECtHR jurisprudence on real-time monitoring is carried out in Chap. 8.
2
On the ambiguous definition of banking data, see below Sect. 8.1.
3
Broadly interpreted as all forms of crime which are twisting the financial system either to mainly
realize illicit financial operations (e.g. money laundering, market abuse, obstruction of public pro-
curement or grant procedures, and tax fraud), or to achieve additional illicit purposes (e.g. corrup-
tion, cybercrime, terrorist financing, or human trafficking)—in these last cases, realizing illicit
financial operations is not a necessary, but only a practically frequent part of the illicit conduct. On
the difficulties of defyining the sphere of “financial and economic” crimes, see Franssen and Ligeti
(2017), pp. 2–3.

https://doi.org/10.1007/978-3-030-12161-7_7
286 7 Real-Time Monitoring of Banking Data: State of Play
carrying out banking investigation, is currently relegated to a secondary factor, due

to both substantial changes in criminal (and tax) policy, and the development of
digital technology, which makes it easier for sealed information to be leaked.
Section 7.2 illustrates the legal basis on which production orders on banking
identity and past transactions, are currently carried out in the EU, in particular after
the entry into force of Directive 2014/41/EU on the European Investigation Order.
Section 7.3 introduces the theme of real-time monitoring or surveillance, which cur-
rently pays for the lack of adequate legal basis explaining the reasons why this
measure represents now one of the most challenging frontiers in criminal investiga-
tions, especially on the front of fundamental rights’ protection, and why, in the
banking and financial sector in particular, it is increasingly necessary to introduce a
proper regulation on the matter. Section 7.4 briefly completes the picture on banking
investigative techniques with a reference to freezing and confiscation measures,
which however do not fall under the remit of this work.
Section 7.5 illustrates the European legal basis dealing with surveillance on
banking data or records. Taking into account the provisions available both under the
Council of Europe and the European Union legal framework, and examining their
limited binding value, this Section shows the extremely fragmented panorama in
which some EU Member States are currently applying this intrusive investigative
technique. Lastly, Sect. 7.6 presents the state of play for surveillance of banking
data in the US. In particular, it reveals how forms of monitoring in real-time are
daily enforced by the US Government (for instance, through so-called Hotwatch
orders), even in lack of clear legal basis (and safeguards) to do so.
7.1 B
anking Investigative Techniques and the Residual Role
of Bank Secrecy Law
For a long time, the enforcement of banking investigative techniques, both in crimi-
nal and in administrative (tax) matters found one of its main obstacles in bank
secrecy law.
In recent years, however, possibly due to the fact that obtaining financial infor-
mation has become a crucial element for the successful implementation of goals
increasingly high ranking in the public policy of many countries, such as the fight
against terrorism or (perhaps to a lower extent) the urgency to recover defrauded
pecuniary amounts, awareness at the international level has considerably—although
not necessarily uniformly—grown, concerning the need to allow judicial authorities
to overcome such a barrier.
Following this pressure, several jurisdictions with bank secrecy regulations have
been urged to introduce disclosing rules at least when dealing with transnational
cooperation cases.
A significant dividing line in the policy approach to the issue may be identified
in the 2005 review of the OECD Income and Capital Model Convention, and
7.1 Banking Investigative Techniques and the Residual Role of Bank Secrecy Law 287
p articularly in Article 26(5) thereto, frequently reproduced in numerous subsequent

legislation, according to which in no case shall the provisions concerning confiden-
tiality “be construed so as to impose on […] a Contracting State to decline to supply
information solely because the information is held by a bank, other financial institu-
tion, nominee or person acting in an agency or a fiduciary capacity or because it
relates to ownership interests in a person”.4
Even before that date, however, the European policy on bank secrecy law under-
went some fundamental evolutionary steps. Already in 1990, in fact, the Council of
Europe introduced the obligation on States Party not to invoke bank secrecy as a
ground to refuse transnational cooperation, eventually allowing judicial authorities
to lift this privilege, at least in the fight against money laundering and, since 2005,
terrorist financing.5 In the EU, the necessity “to improve the cooperation programme
in the field of action against organised crime, the laundering of the proceeds of
criminal offences, and financial crime by abolishing barriers to criminal investiga-
tions for tax reasons” had been acknowledged since the late 2000, when the Council
of the European Union explicitly stated “its position that bank secrecy in particular
should not be invoked against judicial authorities”.6
In 2001, this position was implemented by Article 7 of the First Protocol to the
2000 Convention on Mutual Assistance in Criminal Matters,7 with a formulation
replicated also in the Tax Recovery Directive 2010/24/EU,8 and in the Administrative
Cooperation Directive 2011/16/EU.9 The latter, in particular, provided at Article
18(2) that “in no case” Member States shall be permitted to “decline to supply infor-
mation solely because this information is held by a bank, other financial institution,
nominee or person acting in an agency or a fiduciary capacity or because it relates
to ownership interests in a person”.
This provision, entered into force in 2017, was considered by many “the end of
banking secrecy law” in the Union.10 At first glance, this conclusion appears contra-
4
Cf. Article 26(5), OECD (2005).
5
Cf. Articles 4(1) and 18(7), COE Convention on Laundering, Search, Seizure and Confiscation of
the Proceeds from Crime, CETS 141, Strasbourg, 08.11.1990; and Article 7(1), COE Convention
on Laundering, Search, Seizure and Confiscation of the Proceeds from Crime and on the Financing
of Terrorism, CETS 198, Warsaw, 16.05.2005.
6
Conclusion no. 6, 2298th Council meeting- ECOFIN and JUSTICE and HOME AFFAIRS,
Luxembourg, 17.10.2000, 200012128/00 (Presse 381). http://europa.eu/rapid/press-release_
PRES-00-381_lt.htm?locale=lt. Accessed 19 July 2018.
7
First Protocol to the 2000 Convention on Mutual Assistance in Criminal Matters, Council Act of
16.10.2001; 2001/C 326/01 (hereinafter “2001 Protocol”). See also Comment to Article 7,
Explanatory report to the Protocol to the 2000 Convention on mutual assistance in criminal matters
between the Member States of the European Union (Text approved by the Council on 14.10.2002).
Cf. De Amicis (2002); Vernimmen-Von Tiggelen and Surano (2008).
8
Cf. Article 5, Council Directive 2010/24/EU of 16.03.2010 concerning Mutual Assistance for the
recovery of claims relating to taxes, duties and other measures. Interestingly, however, a similar
provision has not been included in the EIO Directive.
9
Cf. Article 18(2), Council Directive 2011/16/EU of 15.02.2011 on Administrative Cooperation in
the field of Taxation, as modified by Council Directive 2014/107/EU of 9.12.2014.
10
Cf., e.g., Spiegel (2014). Especially after Luxembourg and Austria after agreed to lift their
vetoes, cf., e.g., Loi du 26 mars 2014 portant transposition de l’article 8 de la directive 2011/16/UE
dicted by Directive 2014/41/EU on the European Investigation Order (EIO).11

Regardless of its numerous (and sometimes evident) limitations, abundantly high-
lighted by legal scholars, Directive 2014/41 represents to date the forefront of the
EU legal framework on the matter of evidence, aiming at establishing a “single
regime” for the collection and dissemination of evidence in the Union.12
Identifying the grounds which may be invoked in refusing an EIO, Article 11 of
the Directive recognizes the “immunity or a privilege under the law of the executing
State which makes it impossible to execute the EIO”.13
It might be then argued that “bank secrecy law”—never explicitly mentioned in
the EIO Directive but possibly included in this clause is here, indirectly “revived” as
a reason to refuse transnational cooperation. According to Article 34 of the same
legislation, however, as from 22 May 2017 the Directive replaces (only) “the cor-
responding provisions” of (among other legal sources) the 2000 Convention on
Mutual Legal Assistance in Criminal Matters and its protocol. Since Article 7 of the
Protocol—explicitly dealing with bank secrecy law—does not find any specific cor-
respondent in the Directive, it may then be concluded that this provision remains
into force also under the new regime (at least against those few States who ratified
the Protocol14). The fact that bank secrecy law is no long enforceable among
Member States in the field of taxation, thanks to aforementioned Administrative
Cooperation Directive, also supports this interpretation: Indeed, it would be hard to
argue that this privilege, banned from the tax matter, maintains a relevant role in
criminal law, where even more compelling interests are at stake.
du Conseil du 15 février 2011 relative à la coopération administrative dans le domaine fiscal et

portant modification 1. de la loi du 29 mars 2013 relative à la coopération administrative dans le
domaine fiscal; 2. de la loi modifiée du 4 décembre 1967 concernant l’impôt sur le revenu (Official
publication: Mémorial Luxembourgeois A; Number: 44; Publication date: 2014-03-31; Page:
00510-00511) for Luxembourg.
11
Transposed by several Member States after the expiration of the related deadline, e.g. AT and ES,
https://eur-lex.europa.eu/legal-content/EN/NIM/?uri=celex:32014L0041. Accessed 22 June 2019.
The Directive was also transposed in the UK.
12
Cf. Recital (24) Directive 2014/41. For an analysis on the innovative character and the limits of
these cooperation tool see, e.g., Armada (2015), Mangiaracina (2014), Allegrezza (2014),
Bachmaier Winter (2010), and Daniele (2017), p. 418 et seq. For more literature and analysis on
the EIO Directive in the panorama of EU cooperation in criminal matter, see Sect. 2.3.4.
13
Cf. Article 11(1), let. a). For the role of the EIO Directive in the general panorama of EU coop-
eration in criminal matter, see above Sect. 2.3.4; for its role concerning real-time monitoring, see
below Sect. 7.5.
14
In particular, HR, EE, EL, IE and IT did not ratify it. http://www.consilium.europa.eu/en/docu-
ments-publications/treaties-agreements/agreement/?id=2001090. Accessed 18 July 2018.
7.1 Banking Investigative Techniques and the Residual Role of Bank Secrecy Law 289
Against this background, in the EU bank secrecy currently receives less protec-
tion than commercial, industrial or professional secrets15.
A drastic reduction of the role played by bank secrecy law may be observed also
in the United States, where banks are compelled under the Bank Secrecy Act to
report any suspicious activity to the competent authorities (such as the OCC), under
pain of civil and criminal penalties.16 This approach was further strengthened in
2010, with the approval of the Foreign Account Tax Compliance Act (FATCA);
which imposed on non-US financial institutions the duty to report 124 to the
Department of Treasury assets and identities of potential US national customers. In
this sense, FATCA represented a powerful incentive for the EU to approve the afore-
mentioned Administrative Cooperation Directive.17 This trend, of course, does not
mean that bank secrecy law has lost all its impeding character on a global dimen-
sion, where tax havens (officially listed, or de facto) are far from being side-lined.
Against the notorious Swiss case, where the extent of the privilege was substantially
reduced in the last few years,18 some countries in fact still maintain, also within the
same US or European jurisdictions (e.g. Delaware, or the UK Crown Dependency
of Jersey, Guernsey, Isle of Man and British Virgin Islands), an extremely strict
policy when it comes to disseminate financial records.
Nonetheless in general terms, the growing interest at the international level in
exchanging banking information has drastically changed the general perception
over the right to confidentiality of financial institutions.19
A sign in this sense can be seen in the increasing use of the so-called “naming
and shaming” policies against legal entities which do not comply with obligation
reports and disclosure duties established both for administrative and criminal justice
purposes.20 The reduction of bank secrecy law has also been strongly supported by
15
Even though professional secrecy is also heavily limited in banking investigations, since, as
previously illustrated, cannot be invoked by credit institutions, persons belonging to them or third
parties to whom these entities have outsourced functions or activities, before the requests for infor-
mation made by the Single Supervisory Mechanism; Cf. Article 10(2) SSM R; see Sect. 6.1.3, note
85; and Sect. 6.3.5 with regard to the impact on the privilege against self-incrimination.
16
31 U.S. Code § 5311 et seq., in particular §§ 5321–5322. Cf. above, Sect. 5.2.
17
P.L. 111–147.
18
Especially after 2017, when the Amending Protocol to the Agreement between the European
Community and the Swiss Confederation providing for measures equivalent to those laid down in
Council Directive 2003/48/EC on taxation of savings income in the form of interest payments
entered into force, cf. also Hess (2012), pp. 169–173.
19
In the US, the theme is actually shifting from the right to confidentiality of financial institutions,
including banks, to that of financial (and banking) regulators. That is for instance the case of
requests of information from foreign third-parties (such as the ECB supervising over branches of
EU banks located in the US) being rejected not because a financial institution is opposing bank
secrecy, but because if that piece of information has already been shared with a US regulator, the
bank is prevented from making further disclosures of the same, under threat of punishment. For the
analysis of cooperation rules in the SSM legal framework, see Sect. 6.1.3; for the US supervisory
system, see Sect. 6.1.2.
20
As shown by the EU banking supervisory legislation previously analysed. For a definition of
“naming and shaming”, see Sect. 6.2, note 133. For this kind of sanctions in CRD IV, see Sect. 4.3,
the advent of digital technology, which made it a lot easier to collect and leak
(legally or illegally) non-public information, including banking data.
Clear examples of this potential may be found in the notorious scandals involv-
ing the British HSBC (where numerous cases of tax evasion and money laundering
were discovered thanks to the disclosure of about 30,000 bank accounts holders by
Mr. Falciani, a former employee of the bank21), or in those concerning the world’s
fourth biggest provider of offshore financial services Mossack Fonseca & Co. (bet-
ter known as “Panama papers”22) or, more recently, the State of Malta (the so-called
“Malta-files scandal”23).
To date therefore, bank secrecy does not seem anymore that insurmountable
challenge to banking and financial investigations that it used to be.24 As clearly
shown by the HSBC example a much more relevant obstacle to efficient transna-
tional cooperation is today represented, by the legal uncertainty about whether, and
if so, at which conditions, obtained records may be successfully used as evidence at
trial.25
This assessment appears all the more difficult when records are collected through
technological highly intrusive investigative techniques which, are generally highly
unregulated, as it is the case of real-time monitoring. But this is not a mere problem
with regard to more recent investigative techniques: in most cases the status of
banking criminal investigations as such, is not clearly defined by legislature. In this
sense, different approaches may be currently found in Europe.
From one side, at the supranational level, banking investigative techniques tend
to be recognized a certain autonomy from other criminal investigative measures in
particular by the Council of Europe, and the EU.
On the other side, at the national level, specific procedural rules for banking
investigations are only seldom established (sometimes accompanied by specialized
prosecutorial or law-enforcement bodies26). This situation seems to presist regard-
and in the SSM legal framework, Sect. 4.4.2.

21
For the “massive backlog of over 17,000 alerts identifying possible suspicious activity that had
yet to be reviewed; ineffective methods for identifying suspicious activity; a failure to file timely
Suspicious Activity Reports with U.S. law enforcement; a failure to conduct any due diligence to
assess the risks of HSBC affiliates before opening correspondent accounts for them […] inade-
quate and unqualified AML staffing; inadequate AML resources […] severe, widespread, and long-
standing AML deficiencies”, HSBC—one of the largest financial institutions in the world—has
been convicted in the US, agreed to an about $ 2 billion fine, and faced a criminal proceeding in
Switzerland, where it was closed in return for a £ 28 million settlement. Cf. U.S. Senate Permanent
Subcommittee on Investigations (2012), p. 3; and BBC (2012). See also, among others, Carvajal
and Minder (2013), M.V. (2016), and Garside (2015).
22
As revealed by The International Consortium of Investigative Journalists (ICIJ), cf. https://pana-
mapapers.icij.org. Accessed 19 July 2018. See, e.g., Fitzgibbon (2017).
23
As revealed by European Investigative Collaborations, cf. https://eic.network/projects/malta-
files. See, e.g., Malagutti et al. (2017), and Henrichs (2017).
24
Cf. Drüen (2012), p. 80; In this sense also Panzavolta (2016), p. 370.
25
Analyzing this issue, with regard to a Luxemburgish/Belgian case, Van Hoek and Luchtman
(2005).
26
Cf. Lasagni and Rodopoulos (2019, forthcoming). Franssen and Ligeti (2017), p. 7, report of the
development of a specialized prosecutorial body, the National Financial Public Prosecutor; a simi-
7.2 Measures (i) and (ii): Access to Banking Information and Past Transactions 291
less of the fact that the collection and analysis of banking records have become
increasingly essential components of all criminal investigations, especially in a
transnational dimension, and not only for those concerning financial and economic
offences.27
Against this asymmetric background, legal scholars tend to divide investigative
powers allowing access to banking data into four main categories, taking into
account their degree of coercion, the fundamental rights affected and, as a conse-
quence, the level of necessary safeguards required.28
On a scale of increasing intrusiveness such investigative techniques may therefore
encompass (i) measures granting access to banking information in a “strict sense”
and (ii) to past banking transactions; (iii) measures allowing a continuous monitoring
of bank accounts; and (iv) measures aiming at the freezing of banking accounts.
7.2 M
easures (i) and (ii): Access to Banking Information
and Past Transactions
The first two kinds of banking investigative techniques, which are at the same time
the less intrusive and controversial, belong to the wide category of “production
orders”.
Although the EU legal framework does not provide for a definition of production
orders, they are referred to by legal scholars as “the powers of the authorities to
inspect, copy or order the production of data, documents or other objects, in what-
ever form (oral, written, digital)”.29
In banking investigations, production orders mainly consist in requests for infor-
mation, to which a financial institution (in the broad sense described above30) is
compelled to reply providing the details (a) to identify the owner(s) or the holder(s)
of specific bank account(s) (the so-called “banking identity”), or (b) to reconstruct
lar specialization has been recently recommended also in Italy by the Parliamentary Committee on
banking investigations (although the outcome of these recommendations is currently rather uncer-
tain, given the termination of the current parliamentary term), cf. Senato della Repubblica Italiana,
Legislatura 17ª. Commissione parlamentare di inchiesta sul sistema bancario e finanziario.
Resoconto sommario n. 47 del 30.01.2018, Relazione conclusiva approvata dalla Commissione
nella seduta del 30.01.2018 (relatore: sen. Marino). http://www.parlamento.it/japp/bgt/showdoc/
frame.jsp?tipodoc=SommComm&leg=17&id=01064008&part=doc_dc-sedetit_a1&parse=no.
27
In the EU, as reported by Tricot and Martìn (forthcoming), p. 5 of the draft, that is the case only
of AT, BE, PT, SI, and UK. In the present work, therefore, reference to the national legislations will
be made only to underline some of the risks inherent in such fragmentation, especially on the front
of procedural rights and safeguards, while the main legal analysis focuses only on the European
level, again in comparison with the US federal relevant legal framework in the more critical pro-
files (real-time monitoring).
28
Cf. Tricot and Martìn (forthcoming), p. 2 of the draft.
29
Luchtman and Vervaele (2017), p. 268.
30
Cf. Sect. 2.1.
banking transaction(s) carried out in a specified time in the past (e.g. disclosing the
sending or the recipient account details).
Historically, production orders represent the basic core of investigative tools
from which banking investigations had been developed. For this reason, and for
their relatively low level of intrusiveness (if compared with the surveillance mea-
sures) the need to make these investigative techniques available to investigating
authorities is generally undisputed.
All competent authorities of EU Member States (law-enforcement agencies,
prosecutors or investigating judges, according to the different legal systems) may
apply production orders. These measures find clear legal basis also at the suprana-
tional level, especially thanks to the intervention of the Council of Europe, which
first introduced an obligation to implement these tools in the 1990 Convention on
Laundering, Search, Seizure and Confiscation of the Proceeds from Crime and (in
the 2005 version) on the Financing of Terrorism.
In particular, according to Article 4 of the 1990 Convention, “Each Party shall
adopt such legislative and other measures as may be necessary to empower its courts
or other competent authorities to order that bank, financial or commercial records be
made available” for investigative purposes, or to apply provisional measures, or for
confiscation.31
This obligation was further specified in the 2005 Convention, whose Article 7(2)
explicitly requires Member States to “adopt such legislative and other measures as
may be necessary to enable it to: a) determine whether a natural or legal person is a
holder or beneficial owner of one or more accounts, of whatever nature, in any bank
located in its territory and, if so obtain all of the details of the identified accounts; b)
obtain the particulars of specified bank accounts and of banking operations which
have been carried out during a specified period through one or more specified
accounts, including the particulars of any sending or recipient account”.32
The need to include digital data among the potential targets of production orders
also for banking investigative purposes was explicitly stressed in the 2001
Convention on Cybercrime, which at Article 18 establishes the duty for Each Party
to empower competent authorities to “order: a) a person in its territory to submit
specified computer data in that person’s possession or control, which is stored in a
computer system or a computer-data storage medium; and b) a service provider
offering its services in the territory of the Party to submit subscriber information
relating to such services in that service provider’s possession or control”, including
in that expression “the subscriber’s identity, postal or geographic address, telephone
and other access number, billing and payment information [… and] any other infor-
mation on the site of the installation of communication equipment”.33
Regulation of production orders is acknowledged a certain level of agreement
also at the EU level, where a satisfying common level of procedural rules (in crimi-
nal, as well as in administrative law) is still far from being achieved.34
31
CETS 141, cit.
32
CETS 198, cit.
33
CETS 185, Budapest, 23.11.2001.
34
Symptomatic, in this sense, is the Proposal of the Commission for a Regulation on the European
Production and Preservation Orders for electronic evidence in criminal matters COM/2018/225
7.2 Measures (i) and (ii): Access to Banking Information and Past Transactions 293
First of all, production orders consisting in requests for information on bank

accounts and on banking transactions are included in the First Protocol to the 2000
Convention on Mutual Assistance in Criminal Matters. The Protocol does not
directly regulate domestic investigations, but rather deals with banking inquiries
carried out at the transnational level, in relation to specific forms of crimes, mostly
represented by the so-called PIF offences.35
Under this perspective, to the extent that the information is in the possession of
the bank holding the account, Articles 1 and 2 of the Protocol required Member
States to “take the measures necessary to determine, in answer to a request sent by
another Member State, whether a natural or legal person that is the subject of a
criminal investigation holds or controls one or more accounts, of whatever nature,
in any bank located in its territory and, if so, provide all the details of the identified
accounts”, including those “for which the person that is the subject of the proceed-
ings has powers of attorney”, as well as to “provide the particulars of specified bank
accounts and of banking operations which have been carried out during a specified
period through one or more accounts specified in the request, including the particu-
lars of any sending or recipient account”.
As anticipated, the value of the Protocol should not be overestimated, since to
date it has been implemented only by some EU Member States.36 However, due the
general availability of production orders in domestic legal orders, its limited
enforceability does not seem to play a determinant role in this specific regard.
This is even more so, considering that production orders are also listed among
the investigative techniques contained in the European Investigation Order (EIO)
Directive. The 2001 provisions concerning production orders in banking investiga-
tions could be then now considered substituted by Articles 26 and 27 of the EIO
Directive.37
According to Article 26, in particular, an EIO may be issued to determine whether
any natural or legal person subject to criminal proceedings holds or controls one or
more accounts, of whatever nature, in any bank or non-bank financial institution38
located in the territory of the executing State, and if so, to obtain all the details of
the identified accounts (the so-called “banking (or financial) identity”).
In this case, an EIO may be issued if the requested information is likely consid-
ered to be “of substantial value” for the purpose of the criminal proceedings
concerned.39
final-2018/0108 (COD). The mere existence of this initiative, although uncertain in its outcome,
shows a certain degree of trust among Member States on this matter. For general considerations,
still valid, on the harmonisation of national law in the criminal matters, see Illuminati (2009) and
Siracusano (2012).
35
For a definition of PIF crimes, see above Sect. 2.3.4.
36
Cf. Sect. 7.1.
37
Cf. Article 34, Directive 2014/41/EU.
38
As defined by Article 3 of Directive 2005/60/EC of 26.10.2005 on the prevention of the use of
the financial system for the purpose of money laundering and terrorist financing (better known
as “Third AML Directive”). The directive has currently been substituted by the “Fifth AML
Directive” (Directive 2018/843, cit.), which directly refers to CRD IV and CRR for the definition
of respectively “financial institution” and “credit institution”.
39
Cf. Article 26(5) Directive 2014/41.
According to Article 26(3), this information may be referring to the direct sub-
ject of a criminal investigations, either natural or legal person, and to all persons for
which the latter has powers of attorney.
Recital (27) of the Directive, however, adds that when an EIO is issued to obtain
evidence concerning the accounts, of whatever nature, held in any bank or any non-
banking financial institution by a person subject to criminal proceedings, “this pos-
sibility is to be understood broadly as comprising not only suspected or accused
persons but also any other person in respect of whom such information is found
necessary by the competent authorities in the course of criminal proceedings”. It
remains therefore unclear whether this subjective extension of the order could pre-
vail on the narrower wording of Article 26.40
The “details” which may be obtained following an EIO should be interpreted as
including at least: The name and address of the account holder; potential details of
any powers of attorney held over the account; and any other details or documents
provided by the account holder when the account was opened and that are still held
by the bank.41
Article 27 of the Directive, on the other side, provides that an EIO may be issued
to obtain details on banking operations, and financial operations conducted by non-
banking financial institutions, which have been carried out during a defined period
through one or more accounts.
These details shall include, for instance, the banking (or financial) identity of any
sending or recipient account. An EIO may be issued in this case if the requested
information is likely considered to be “relevant for the purpose” of the criminal
proceedings concerned.42 Comparing this parameter with the one provided for by
Article 26 (“substantial value”), legal scholars have pointed out how it appears dif-
ficult to understand which is the ratio justifying different requirements for these
measures, and, in particular, an apparently less pressing requirement in case of the
most intrusive one, i.e. request for information about the details of past
transactions.43
Similarly to the Protocol to the 2000 Convention, also the EIO Directive does not
impose specific requirements for national investigation. It however requires Member
States to adopt all measures necessary to collect and share such banking records in
case an EIO is issued.
Nonetheless, again similarly to the Protocol, the obligation to disclose banking
identity or past transactions applies “only to the extent that the information is in the
possession of the bank keeping the account”.44
In case the information refers to a non-banking financial institution, taking into
account that in many countries only banks are subject to a more stringent regulation,
both Articles 26(6) and 27(5) of the Directive provide that an EIO may be refused
40
The point has been raised by Panzavolta (2016), p. 372.
41
Cf. Recital (29) Directive 2014/41.
42
Cf. Article 27(4) directive 2014/41.
43
Panzavolta (2016), pp. 371–372.
44
Cf. Articles 26(4) and 27(3) Directive 2014/41.
7.3 Measures (iii): Real-time Monitoring of Banking Data 295
“if the execution of the investigative measure would not be authorised in a similar
domestic case”.
Differences concerning protection orders thus keep persisting at the national
level also under the EIO Directive, including very relevant profiles, such as the pos-
sibility to impose sanctions against the refusal to provide the information
requested.45
Nonetheless, it is indicative that production orders of banking records are
included in the rather limited list of investigative powers that the European Public
Prosecutor Office (EPPO) will be able to exercise in its transnational inquiries. In
particular, according to Article 30(1) of the EPPO Regulation, participating Member
States shall ensure that prosecutors from the Office will be entitled to issue produc-
tion orders to obtain “any relevant object or document” and “stored computer data”,
including (also) banking account data, at the conditions provided for by national
law.46 In this context, actually, some doubts may arise as to whether the exclusive
reference to banking “account data” could be interpreted as potentially preventing
the EPPO from accessing records of past transactions, when that is not allowed in
national law. However, the mere fact that production orders have been included in
the EPPO Regulation testifies a rather broad consensus over the need of making this
measure available in banking and financial investigations: This is not the case with
all banking investigative techniques, and in particular, with real-time monitoring of
banking records.
7.3 Measures (iii): Real-time Monitoring of Banking Data
Conversely to production orders, surveillance or real-time monitoring investigative

techniques represent today one of the most debated frontiers in the evolution of
criminal law and prosecutorial systems, both in the EU and in the US.
Surveillance in banking investigation, in fact, touches several critical profiles
that are currently challenging the obligation for criminal investigations to respect
fundamental rights, such as the transnational dimension of offences and inquiries,
and the impact of digital technology. Today, banking records are mostly no more
represented by paper documents, but rather by digital data, the treatment of which
is still highly varying in national legal systems.47 In this sense, talking about real-
45
The profile, relevant under the protection from self-incrimination, has been analysed with regard
to the SSM banking investigations in Sect. 6.3.6.
46
Cf. Article 30(1), let. c) and d), EPPO Regulation (2017/1939), cit.
47
As, for instance, shown by the increasingly prominent role played by FinTech (Defined by the
Financial Stability Board as “technology-enabled innovation in financial services that could result
in new business models, applications, processes or products with an associated material effect on
the provision of financial services” (cf. FSB 2017, p. 7) in the banking sector, also recognized at
the institutional level in the EU, and in particular by the European Central Bank, which in 09/2017
has published for consultation a draft guides to bank licensing and fintech bank licensing, cf.
time monitoring of banking records means also to talk, and examine, forms of real-
time collection of digital data.48
Banking surveillance, may be used for different purposes.
Real-time monitoring may be performed to identify suspicious accounts, or more
likely, financial transactions in order to apply freezing measures in due time. That is
for instance the purpose mainly pursued by the Financial Investigating Unit (FIUs),
which may be granted the power to apply assets’ temporary and urgent measures to
suspicious financial transactions, pending the opening of a criminal proceeding.49
Surveillance, however, could also serve location purposes, for instance when it is
necessary to locate a subject in real-time through the reconstruction of his/her finan-
cial transactions; or may be applied when it is necessary to collect evidence in a
short time, for instance to reach probable cause to enforce an arrest or a search.
Real-time monitoring may hence be used in a twofold direction: First, to collect
information which generally does not get stored, and risks being otherwise dis-
persed, similarly to wire-tapping.50
Second, surveillance may be used to gather information which in theory could be
obtained also through production orders, in those cases where the latter cannot be
applied.
That could happen, for instance, in contexts where data are not stored due to the
lack of legislative basis providing for retention and reporting obligations upon cer-
tain financial operators, or where retention obligations are rather limited in time.
Typical in this sense is the case of non-banking “alternative” financial operators,
which are usually not subject to reporting obligations like financial institutions (e.g.
for donation or reward crowdfunding), and/or whose transactions are either not
https://www.bankingsupervision.europa.eu/press/pr/date/2017/html/ssm.pr170921.en.html.
48
For the implications of this dimension in the compliance with fundamental rights of defence and
privacy established in the CFREU, see Sect. 8.1.
49
As it is, for instance, the case of the Italy, see Article 6(7)(c) of Legislative Decree no. 231 of
21.11.2007 (implementing Directive 2005/60/EC, mentioned above in Sect. 3.4, note 66). For
FIUs, see Sect. 3.3.
50
Although highly worrying retention practices of commercial operators and communication ser-
vice providers, for instance involving intelligent personal assistants like Echo, are increasingly
making possible to retrieve the content of communications also ex post. As clearly showed by the
renowned murder case in the US, in which the police “seized” the communications recorded by
Alexa (Echo), an intelligent personal assistant developed by Amazon, activated by vocal com-
mands, and capable of several interactions (e.g. music playback, making to-do lists, setting alarms,
streaming podcasts, playing audiobooks, providing weather, traffic, and other real-time informa-
tion, and control several smart devices). In order to get the command, Alexa is constantly listening
what happens in the location where it is placed; in that case, it was further “discovered” that Alexa
(i.e. Amazon) was actually keeping the records of all noises, so that it was able to produce them at
trial. Cf., e.g., Sampathkumar (2017).
7.3 Measures (iii): Real-time Monitoring of Banking Data 297
stored, or stored in a way that makes reconstruction of the financial operations de

facto impracticable (e.g. in case of Hawala).51
The need to apply surveillance techniques may also arise from concrete difficul-
ties in using production orders, for instance where the amount of information is
likely to be so huge or dispersed, that an ex post analysis would require such a long
time, or such relevant resources to make its result almost farfetched.
Lastly, real-time monitoring may also prove extremely useful in those situations
where it is not possible or very unlikely to obtain a production order because of
limited jurisdiction, lack of cooperation agreements, or poor implementation of the
latter (e.g. in case of tax havens). In this sense, surveillance is an investigative tech-
nique able to keep pace with the globalised dimension of financial (also criminal)
transactions and networks, circumventing the limited enforcing powers of criminal
justice systems, that are still mostly nationally based.
Against this background, on one side, applying surveillance techniques to finan-
cial crime appears rather fitting to meet the targets established by the FATF
Recommendations, which require national competent authorities to exercise “effec-
tive systems for monitoring” of financial transactions, at least in the fight against
money laundering and financing of terrorism.52 Indeed, the financial market and
especially the banking system, as it was shown by the last financial crisis, is possi-
bly the most globalized economic sector ever, in which the dematerialization of
services, encouraged and strengthened by the Internet, makes it extremely and
increasingly hard both to identify breaches of criminal law, and to collect evidence
to prove the latter at trial, without using equally technological and transnational
investigative measures. For this reason, the opportunity to implement real-time
monitoring investigative techniques is increasingly shared by scholars and practitio-
ners, which acknowledge the need to equip criminal justice systems with tools apt
to the challenges of digital technology and globalization, especially against the most
serious (often also organized) forms of crimes.53
On the other side, however, the pervasiveness of surveillance investigative tech-
niques, and their capacity to circumvent national regulation based on the rule of law
and severely affect fundamental rights of the individual(s), suggests a very cautious
approach, that vouches for adequate practical and legal safeguards to limit and bal-
ance the scope of such new powers.
51
As illustrated above, Sect. 2.1. On the other side, some alternative financing transactions may be
neither stored, nor intercepted, at least given the current technological development, as in the case
of bit-coins.
52
See FATF Recommendation, no. 26 and 27. In general on the FATF role in financial investiga-
tions, see Sect. 3.2.
The Recommendations refer also explicitly to real-time monitoring in the Recommendation 19,
according to which “A beneficiary financial institution should take reasonable measures to identify
cross-border wire transfers that lack required originator or required beneficiary information. Such
measures may include post-event monitoring or real-time monitoring where feasible”. Cf. also
Franssen and Ligeti (2017), p. 1 et seq.
53
Cf., e.g., Tricot and Martìn (forthcoming); Caianiello (2016), p. 315; Panzavolta (2016), p. 371;
Franssen and Ligeti (2017), p. 1 et seq.; Zanetti (2008), p. 510; Felicioni (2012), p. 42; Cocq and
Galli (2013). See also Di Nicola et al. (2015).
Actually, technological, and above all digital development already allow to

implement forms of intrusive real-time monitoring, affecting the same time several
fundamental rights, especially when they found an expression on the internet, such
as: Freedom of expression; health (with the digitalization of health care systems, or
even through applications installed in everyday devices like smartphones, measur-
ing steps, pulse, etc.); freedom of movement (with GPS o real-time tracking of
financial transactions); and secrecy of communications and of private domiciles
(with the possibility to remotely activate mikes and cameras in digital devices). At
first glance, such serious concerns might even bring to the conclusion that surveil-
lance measures shall better not be implemented at all. Here, however, this argument
is not believed to be an option which can or shall be put into practice. Indeed, like it
or not, digital technology and globalization are part of the time we are living and
cannot but influence the way crimes are being committed, and how they are
prosecuted.
Preventing criminal justice systems from using digital technology would bring to
anachronistic results, and possibly to less protection of fundamental rights.
Certainly, it would not prevent criminals from using digital tools in a globalized
context.54 Arguably, as it emerges from the US example, that would not prevent even
law-enforcement and prosecutors from doing the same either. Indeed, to date most
surveillance measures are already applied within inadequate legal frameworks
(where even such legal framework do exist) and with few mechanisms (or none) to
prevent and sanction potential abuses.55 That being said, drafting an “ideal” model
of real-time monitoring of banking records (both with regard to banking identity
and transactions) is far from being a straightforward operation, especially consider-
ing that not rarely the existing legal bases offer little ground, on which to anchor
even the basic features of this investigative technique, and that banking and finan-
cial inquiry measures are frequently characterized by uneven levels of regulation at
the national level.
The fragmentation and frequent inefficiency of national regulations are however
relevant parameters highlight that banking surveillance, as a criminal investigative
measure, shall no more be regulated only in national legislation, but also, and per-
haps above all, at the supranational level: Criminal offenders, financial markets,
institutions and transactions, as well as abuses in surveillance practices already
operate on a transnational dimension, that can be profitably faced only at a corre-
spondent level.
54
“There is no prospect either of mass internet surveillance being accepted by all, or of being aban-
doned by the authorities in any modern state. That makes the debate over how that surveillance
should happen, what limits should be placed upon it, how it should be overseen and the legislation
under which it operates, a crucial one”, Bernal (2016), p. 260.
55
Cf. below, Sect. 7.6. Highlighting how government surveillance realizes and overcomes the
Jeremy Bentham’s idea of a Panopticon and Balkin (2008), p. 12, considering how the main rea-
sons for the changes in the surveillance practices of the government should be understood as a
technology rather than a governance problem Kerr (2009), Timan et al. (2017), pp. 3–4.
7.4 Measures (iv): Freezing of Banking Accounts (Brief Overview) 299
Within this perspective, the goal of this work is to identify some common prin-
ciples and basic standards which should characterize an EU legislation requiring the
implementation of forms of real-time monitoring of banking records.56 To achieve
so, identifying what is the state of play of banking surveillance represents a neces-
sary step to reach a common understanding on what is an acceptable balance of the
interests at stake: The current EU and the US applicable legislation on the matter are
examined to this aim in the following paragraphs.
7.4 M
easures (iv): Freezing of Banking Accounts (Brief
Overview)
Before proceeding with the analysis of real-time monitoring, and with the only aim
of providing a complete picture on the investigative techniques applicable in bank-
ing investigations, a few words are briefly devoted to measures aiming at freezing of
banking accounts.
Opposite to surveillance techniques, freezing and confiscation have since long
been grounded on supranational legal basis in the EU,57 culminated in the approval
of Directive 2014/42/EU on the freezing and confiscation of instrumentalities and
proceeds of crime and more recently, in the perspective of judicial cooperation by
Regulation (EU) 2018/1805.58 According to Article 7 of the Directive, “Member
States shall take the necessary measures to enable the freezing of property with a
view to possible subsequent confiscation”. Those measures may be addressed either
against the legitimate owner of the property to be frozen or against third parties in
the possession of the same.
Since Article 2 of the Directive defines property as “any description, whether
corporeal or incorporeal, movable or immovable, and legal documents or instru-
ments evidencing title or interest”, it could be concluded that banking account are
also falling under the scope of the Directive.
56
Cf. below, Chap. 8.
57
See Council Framework Decision 2001/500/JHA of 26.06.2001 on money laundering, the iden-
tification, tracing, freezing, seizing and confiscation of instrumentalities and the proceeds of crime;
Council Framework Decision 2003/577/JHA of 22.07.2003 on the execution in the European
Union of orders freezing property or evidence; Council Framework Decision 2005/212/JHA of
24.02.2005 on Confiscation of Crime-Related Proceeds, Instrumentalities and Property; Council
Framework Decision 2006/783/JHA of 6.10.2006 on the application of the principle of mutual
recognition to confiscation orders (consolidated version of 03.2009); Council Decision 2007/845/
JHA of 6.12.2007 concerning cooperation between Asset Recovery Offices of the Member States
in the field of tracing and identification of proceeds from, or other property related to, crime.
58
Directive 2014/42/EU of 3.04.2014 on the freezing and confiscation of instrumentalities and
proceeds of crime in the European Union, and Regulation (EU) 2018/1805 of 14.11.2018 on the
mutual recognition of freezing orders and confiscation orders.
Partially corresponding provisions may be found overseas in the freezing and

confiscation measures established by 18 U.S.C. § 1956, as modified by Section 317
of the USA PATRIOT ACT. According to it when property involved in a financial
transaction represents the proceeds of some form of unlawful activity, courts may
issue a “pre-trial restraining order or take any other action necessary to ensure that
any bank account or other property held by the defendant in the United States is
available”, to satisfy a judgment over such activity.59
7.5 Real-time Monitoring of Banking Data in the EU
At the European level, real-time monitoring of data was faced first in the already
mentioned 1990 COE Convention on Laundering, Search, Seizure and Confiscation
of the Proceeds from Crime, which at Article 4(2) provided that “Each Party shall
consider adopting such legislative and other measures as may be necessary to enable
it to use special investigative techniques facilitating the identification and tracing of
proceeds and the gathering of evidence related thereto. Such techniques may include
monitoring orders, observation, interception of telecommunications, access to com-
puter systems and orders to produce specific documents” (italics added).60
A specific reference to the application of surveillance to banking records can
then be found in the 2005 COE Convention on Laundering, Search, Seizure and
Confiscation of the Proceeds from Crime and on the Financing of Terrorism.
According its Article 7, in fact, each participating State “shall adopt such legislative
and other measures as may be necessary to enable it to […] (c) monitor, during a
specified period, the banking operations that are being carried out through one or
more identified accounts” (italics added).61
To achieve this aim, each Parties shall consider establishing “special investiga-
tive techniques facilitating the identification and tracing of proceeds and the gather-
ing of evidence related thereto, such as observation, interception of
telecommunications, access to computer systems and order to produce specific
documents”.62 Similarly to the 1990 version, however, also the 2005 Convention
simply created a general obligation to establish mechanisms of real-time monitoring
of banking transactions, but without including any procedural rules on how surveil-
lance shall be carried out.
59
18 U.S.C. § 1956 (b)(3). Cf. also 21 U.S. Code § 853-Criminal forfeitures, 8 U.S. Code § 1189(a)
(2)(C)-Designation of foreign terrorist organization, and 5 CFR 1690.15-Freezing an account-
administrative holds.
60
CETS 141, cit.
61
CETS 198, cit.
62
Cf. Article 7(2)(c) and 7(3).
7.5 Real-time Monitoring of Banking Data in the EU 301
The Convention moreover, as a legal source issued by an international intergov-

ernmental body, is not equipped with effective enforcing mechanisms in case States
are not implementing its provisions. And actually within the sole EU, only a few
countries have ratified the Convention,63 and even less have introduced surveillance
mechanism in their national legal system.64
The need to perform real-time monitoring operations on banking records has
however since long emerged also within the European Union.
Similarly to the other banking investigative measures previously discussed, sur-
veillance on banking data was taken into account in the aforementioned First
Protocol to the 2000 Convention on Mutual Assistance in Criminal Matters.65
Article 3 of the Protocol, in particular, concerned the monitoring of banking
transactions, and especially the surveillance of future operations, following the
drafting model for controlled deliveries already provided for in the 2000
Convention.66 According to the Protocol, each Member State shall possess a legal
framework which allows them to “monitor, during a specified period, the banking
operations that are being carried out through one or more accounts specified in the
request”.67
Similarly to the 2005 COE Convention, also this legal text sets a positive obliga-
tion for the Member States to introduce such an investigative technique, which
should be available, if not internally, at least to answer to cooperation requests com-
ing from other States, if the latter can show that the information requested is rele-
vant for the ongoing investigation.68 The conditions under which surveillance shall
be carried out, however, are not specified by the Protocol, which leaves the compe-
tent authorities of the Member States free to determine procedural rules.69
63
AT, EE, FI, LT, and LU signed the Convention, but never ratified it; while CZ and EI did not even
sign it. Source: http://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/
198signatures?p_auth=7eEdeclx. Accessed 18 July 2018.
64
As it is for instance the case of Italy and Germany. For Germany, see the transposing law: Gesetz
zu dem Übereinkommen des Europarats vom 16.05.2005 über Geldwäsche sowie Ermittlung,
Beschlagnahme und Einziehung von Erträgen aus Straftaten und über die Finanzierung des
Terrorismus vom 19.12.2016, BGBl. II 2016 Nr. 36 27.12.2016 S. 1370. For the Italian case, the
situation seems however to have slightly changed after the transposition of the EIO Directive, see
below note 72.
65
2001 Protocol, cit.
66
Cf. Article 12 of the 2000 Convention on Mutual Assistance.
67
Cf. Article 3(1), 2001 Protocol.
68
Cf. Article 3, 2001 Protocol.
69
Cf. Article 3(4), 2001 Protocol.
Also the enforcement of the Protocol was not very effective. Since 2001, in fact,
only some EU Member States had implemented this act,70 and among those who
did, not all fully complied with its provisions under the specific profile of real-time
monitoring (as it is the case of Germany, where Article 3 was “interpreted” as not
requiring to introduce in the national framework such surveillance measure71).
This impasse might have been solved in late 2014, when the Commission’s
power to initiate infringement procedures against Member States that did not trans-
pose, or transposed incorrectly EU secondary law, extended also to pre-Lisbon leg-
islation, therefore including in this number also the First Protocol to the 2000
Convention (at least for those States who signed it). The impact of such a change, in
itself of major implications in the EU legal framework, holds however in this spe-
cific regard only a relative importance.
Indeed, in the same year in which the new Commission’s prerogatives entered
into force, this piece of legislation, was arguably partially substituted by Directive
2014/41/EU on the European Investigation Order (EIO).72 Article 28 of the Directive,
in particular, recognizes that an EIO may be issued for the purpose of “executing an
investigative measure requiring the gathering of evidence in real time, continuously
and over a certain period of time, such as the monitoring of banking or other finan-
cial operations that are being carried out through one or more specified accounts”.
Similarly to the previously discussed Article 27, concerning production orders
on past banking transaction, also in this case the prerequisite for issuing an EIO is
that the information requested is considered to be “relevant for the purpose of the
70
In particular, EE, EL, IE and IT signed, but did not ratify it, HR never signed it. Source: http://
www.consilium.europa.eu/en/documents-publications/treaties-agreements/agreement/?id=20010
90&DocLanguage=en. Accessed 19 July 2018.
71
Cf. Entwurf eines Gesetzes zu dem Protokoll vom 16.10.2001 zu dem Übereinkommen über die
Rechtshilfe in Strafsachen zwischen den Mitgliedstaaten der Europäischen Union, BT-Drs.
15/4230, S. 12, in force since 27.07.2005, available online at: http://dipbt.bundestag.de/doc/
btd/15/042/1504230.pdf. Accessed 19 July 2018. On the German system of banking investigation
see also Weigend (2013), p. 284.
72
See above note 12, and Sect. 2.3.4, note 322 (also for academic references to the Directive).
Before the EIO Directive, real-time monitoring of banking records was also explicitly consid-
ered in the European Evidence Warrant (EEW), even though only with the purpose of excluding its
scope of application (cf. Article 4(1)(c), Council Framework Decision 2008/978/JHA of 18.12.2008
on the European Evidence Warrant for the purpose of obtaining objects, documents and data for
use in proceedings in criminal matters, according to which the possibility to obtain “information in
real time such as through the interception of communications, covert surveillance or monitoring of
bank accounts” is actually explicitly excluded by the scope for which such a Warrant could be
issue). Indeed, one of the main weak spots of the EEW, which substantially contributed to the
failure of this piece of legislation, was represented by the fact that it could apply only to obtain
evidence already existing, or at most discovered during the execution of the EEW, which obviously
is not the case of real-time monitoring (cf. Article 4(4) and (5) EEW). For a critical analysis on the
EEW see, e.g., Bachmaier Winter (2013), p. 127; De Hert et al. (2009), Spencer (2010), p. 602; De
Amicis (2011); Vervaele (2005). Following the massive non-implementation of the Framework
Decision by most Member States, also because of its structural limits, the European Evidence
Warrant was later substituted by the new legal tool to implement mutual recognition in transna-
tional cooperation concerning evidence, the EIO. Cf. also Allegrezza (2010).
criminal proceedings concerned”.73 The execution of such EIO, however, may be

refused, not only in according with the general grounds for non-recognition pro-
vided for by Article 11 of the Directive, but also if performing such measure “would
not be authorised in a similar domestic case”.74
Contrary to the other sources previously examined, therefore, the EIO Directive
does not even really provide for a positive obligation to introduce real-time monitor-
ing in national legal frameworks, as it merely regulates requests of transnational
cooperation in contexts where such investigative technique already exists.
This structural limitation is likely to become critical in cases where an EIO is
issued from a country where surveillance on banking records is in place (e.g.
Belgium) to a country where it is not (e.g. Germany).75 In these situations, according
to Article 10 of the Directive, before refusing the EIO, the executing authority shall
recourse, where possible, to an investigative measure other than that requested to
achieve the same goal. It is not clear, though, whether it would really be possible to
obtain the same result pursued by real-time monitoring through another investiga-
tive measure, If the answer to this question should be negative, the only option for
the executing authority would be then to notify the issuing authority that it is not
possible to provide the assistance requested.
The EIO Directive, however, may nonetheless create an indirect harmonizing
effect, in case Member States would take the chance to introduce this investigative
technique (or one of the others established in the Directive) in domestic systems,
during the transposition at the national level. Interestingly enough, this appears to
be the case of Italy, where the legislative decree implementing the Directive intro-
duced the possibility to collect banking and financial data in real-time to answer to
an EIO request, while no such tool was available before for corresponding purely
domestic cases.76
Article 28 of the Directive also indicates a few procedural requirements for this
kind of surveillance to be applied. Already at first glance, however, such conditions
appear rather questionable as they provide for a level of safeguards lower than that
established by Article 26 concerning production orders on banking identity.
73
Cf. Article 28(1)(a) and (3) Directive 2014/41.
74
Article 28(1), Directive 2014/41.
75
The directive also does not seem to take into account that financial institutions are operating on
a globalized market, so that it is possible that account are hold within the same bank or banking
group but physically located in different countries, critically examining the issue Panzavolta
(2016), pp. 381–382.
76
Article 20, Legislative Decree no. 108 of 21.06.2017. The provision is likely to create a debate at
internal level with regard to the principle of equal treatment, since currently real-time collection of
data (different from content of communication) requires only a reasoned decree of the public pros-
ecutor, while the new investigative tool follows the same (and more safeguarding) rules established
for wiretapping, cf. also Caianiello (2018), § 5; De Amicis (2018), § 5. In general terms on the
Italian implementation of the EIO Directive, see Daniele (2017), Falato (2018), De Amicis (2018),
p. 22; Selvaggi (2018), p. 44. On the minimum procedural rules that should be implemented with
regard to real-time monitoring of (banking) data, see below, Chap. 8.
An EIO requesting real-time monitoring of banking records may, in fact, be

issued as long as the information required is considered “relevant” for the criminal
proceedings concerned, while for production orders the investigative measure shall
be deemed of “substantial value”.77
In addition, similarly to Article 27 of the Directive (concerning production orders
on past banking and financial transactions), also Article 28 does not circumscribe its
scope only to the accounts of persons subject to criminal proceedings; while this
limitation is explicitly indicated in case of Article 26.78
The different requirements established in the Directive for each of these banking
investigative techniques seem therefore not to take into account that real-time moni-
toring of banking records is a much more intrusive measure than production orders
on banking identity. This result appears hardly justifiable in light of the proportion-
ality principle and the need to respect the fundamental rights of the affected
individuals.79
To complete the EU legal framework on financial surveillance, it should be
finally recalled that another rather specific reference to real-time monitoring in the
financial sector was introduced by Regulation (EU) 2015/847 on information
accompanying transfers of funds, which applies since 26 June 2017.80
Originated from the need to contrast serious criminal phenomena, such as money
laundering, financing of terrorism and organized crime, which “are likely to take
advantage of the freedom of capital movements within the Union’s integrated finan-
cial area unless certain coordinating measures are adopted at Union level”, the
Regulation aims at establishing control mechanisms to check whether transfers of
funds are accompanied by all the required information on the payer and the payee,
to better identify suspicious transactions and flows of illicit money.81 To this end,
according to Articles 7(2) and 11(2) of the Regulation, payment service providers or
intermediary service providers of the person recipient of the transfer shall imple-
ment effective procedures to detect whether certain key information on the payer or
the payee is missing, “including, where appropriate, ex-post monitoring or real-time
monitoring”.82 The subjects to this obligation, as defined by Article 3(5) of the
Regulation, are a broad category, that includes credit and electronic money
institutions.83
77
Cf. Article 26(5) and 28(3) Directive 2014/41. Cf. above, Sect. 7.2.
78
79
In this sense also Panzavolta (2016), p. 372.
80
Regulation (EU) 2015/847 of 20.05.2015 on information accompanying transfers of funds and
repealing Regulation (EC) No 1781/2006.
81
Cf. Recitals (1), (2) and (22) Regulation 2015/847.
82
Articles 7(2); 11(2); 22(1) Regulation 2015/847.
83
Article 3(5) refers to Article 1(1) of Directive 2007/64/EC of the European Parliament and of the
Council of 13.11.2007 on payment services in the internal market amending Directives 97/7/EC,
2002/65/EC, 2005/60/EC and 2006/48/EC and repealing Directive 97/5/EC, according to which
there are “six categories of payment service provider: (a) credit institutions within the meaning of
Article 4(1)(a) of Directive 2006/48/EC; (b) electronic money institutions within the meaning of
Article 1(3)(a) of Directive 2000/46/EC; (c) post office giro institutions which are entitled under
The impact of this Regulation, however, results rather limited for the scope of the
present analysis. First, the wording of Articles 7(2) and 11(2) sets a rather weak
legal basis, as it merely refers to the implementation of surveillance measures where
appropriate. Regulation 2015/847 moreover, does not contain any procedural rules
describing which are the conditions and procedure to be complied with in the imple-
mentation of such investigative measure.
Interestingly, moreover, the “soft” obligation set by the Regulation does not
address national investigating authorities, but rather payment service or intermedi-
ary payment service providers, which are the subjects that should implement forms
of real-time monitoring. This form of “indirect” surveillance (very common in our
big-data society) actually raises relevant issues for privacy protection and integrity
of the information collected, since in these cases such intrusive measures are carried
out not by public authorities, but by private parties. This rather thorny situation
appears especially relevant in light of the US example where, as will be further
illustrated, these forms of real-time monitoring seem rather widespread.84
Lastly, it should be recalled that, in the EU, an attempt to set a positive obligation
to introduce forms of banking surveillance was carried out in the negotiations con-
cerning the establishment of the European Public Prosecutor Office (EPPO).85
Indeed, the original draft, proposed by the Commission in July 2013, clearly sup-
plied the Office with the power to request the monitoring of banking transactions,
by ordering any financial or credit institution to inform it in real time “of any finan-
cial transaction carried out through any specific account held or controlled by the
suspected person or any other accounts which are reasonably believed to be used in
connection with the offence”.86 This provision would have implied an obligation, at
least for all the participating Member States, to make this measure available for all
crimes falling within the EPPO jurisdiction.87 In light of the evolution of the nego-
tiations, however, it clearly appeared that this feature did not meet with agreement
among Member States. Due to the pressure of several delegations, which considered
it an excessive step toward the harmonization of criminal procedure in the EU, this
power was in the end removed from the prerogatives of the EPPO, together with
most of the intrusive investigative powers previously provided for in the
Commission’s proposal (such as surveillance of telecommunications, video and
national law to provide payment services; (d) payment institutions within the meaning of this
Directive; (e) the European Central Bank and national central banks when not acting in their capac-
ity as monetary authority or other public authorities; (f) Member States or their regional or local
authorities when not acting in their capacity as public authorities”.
84
“Data gathering and surveillance involves both commercial and governmental organisations, and
to consider them separately is to misunderstand the nature of both. The government uses data
gathered by commerce, methods developed by commerce and piggyback on systems used by com-
merce” Bernal (2016), p. 260. Cf. also below, Sect. 7.6.
85
For a general overview of the EPPO and its role in cooperation matters, see Sect. 2.3.4.
86
Cf. Article 26(1)(g), European Commission, Proposal for a Council Regulation on the establish-
ment of the European Public Prosecutor’s Office {SWD(2013) 274 final} Brussels, 17.7.2013.
87
Cf. Article 22 EPPO Regulation; see above Sect. 2.3.4.
audio surveillance, and targeted surveillance in public places).88 The new EU inves-
tigative body, specialized in the matter of financial crimes, will then be able to
exercise only a limited range of investigative powers (unless differently provided for
at the national level),89 which for instance, do not include the questioning of sus-
pects and witnesses (even though the Prosecutor will be entitled to order the arrest
of the suspect90), nor the real-time monitoring of financial transactions. Once identi-
fied, however, the EPPO will be able to freeze suspicious assets.91
Against this rather fragmented background, in the EU the current situation con-
cerning the legal framework on real-time monitoring of banking transactions may
therefore be summarized as follow.
Most Member States (26) are theoretically under supranational obligations to
establish some form of banking surveillance at the domestic level, either due to the
provisions of the 2005 COE Convention (BE, BG, CY, DE, DK, ES, EL, FR, HR,
HU, IT, LV, MT, NL, PL, PT, RO, SE, SI, SK, and UK) or of the First Protocol to
the 2000 Convention on Mutual Legal Assistance (AT, BE, BG, CY, CZ, DE, DK,
ES, FI, FR, HU, LT, LU, LV, MT, NL, PL, PT, RO, SE, SI, SK, and UK). Estonia
and Ireland have neither ratified the First Protocol, nor the 2005 Convention (even
if MONEYVAL reported the first to have implemented the measure at domestic
level for “very special cases”92).
Whether the obligations to introduce real-time monitoring of banking records
deriving from the Protocol should still be considered binding after the approval of
the EIO Directive (which does not state anything on this specific point) remains
uncertain. The question could be especially relevant, taking into account that only
few Member States have so far established forms of banking surveillance in their
domestic legal system (such as BE, NL,93 AT,94 UK,95 or in the terms illustrated
above, IT).96 In case of a positive answer, moreover the Commission could initiate
88
Compare Article 30 EPPO Regulation with Article 26(1)(f)(i)(r), Proposal for a Council
Regulation on the establishment of the European Public Prosecutor’s Office.
89
Namely: Search and seizure, production orders, interception of communications, freezing of
instrumentalities or proceeds of crime, and controlled deliveries. Interception and controlled deliv-
eries were harshly criticized by many delegations repeatedly ask for their ejection; controlled
deliveries was reintroduced in the Regulation only in 2017 cf. Article 30 Council Regulation
implementing enhanced cooperation on the establishment of the European Public Prosecutor’s
Office (“the EPPO”), Interinstitutional File: 2013/0255 (APP), Brussels, 30.06.2017; the freezing
of instrumentalities or proceeds of crime only in the final period of the negotiations.
90
Cf. Article 33 EPPO Regulation.
91
Cf. Article 30(1)(d) EPPO Regulation.
92
Cf. MONEYVAL (2013), p. 37. For the role of MONEYVAL, see above Sect. 3.4.
93
Cf. Ligeti (2012), Panzavolta (2016), p. 377.
94
See below, note 99.
95
Cf. Proceeds of Crime Act (POCA) of 2002 (chapter 29), §§ 370–371.
96
Cf. Tricot and Martìn (forthcoming), p. 11 of the draft. In France “the CCP does not foresee the
monitoring of banking transaction. However, it is in practice covered by the general power of req-
uisition provided for in CCP, Article 60-1, which, combined with CC, Article 132-22, entitles
judicial police officers to request information on bank accounts, on banking transactions and the
an infringement procedure against those countries which did not comply with the
Protocol.
In any case, also among those States that do provide for a specific regulation,
applicable procedural rules are not harmonised. In Belgium, for instance, according
to Article 46-quarter, § 2 of the criminal procedure code, the prosecutor may require
the monitoring of banking transactions relating to one or more of bank accounts or
banking or financial instruments of the suspect. This measure may be applied only
in case serious and exceptional circumstances justify it, and only if the investigation
relates to certain serious crimes (for which also wiretapping is allowed).97
In the Netherlands, real-time monitoring of banking records can be performed
according to Articles 126ne et seq. Wv Sv, which grants prosecutors the faculty to
exercise this power, after a prior written authorization by the Judge-Commissioner.
Data surveillance may be used in investigations against certain offences provided
for by Article 67a, § 1 Wv Sv, generally punished with a maximum of 4-year impris-
onment, including money laundering and terrorist financing. The monitoring may
have a maximum duration of 4 weeks, which may be extended for a period up to 4
weeks.98
In Austria, the prosecutor may request information on bank accounts and trans-
actions. According to Section 109(4) of the Austrian criminal procedural code, such
information also includes business transactions for a particular past or future period.
Such surveillance shall be grounded on a court authorization, that shall also set a
time limits. The issuing of information on bank accounts and banking transactions,
together with judicial authorization, shall be served on the accused, and the persons
entitled to exercise the business relationship as soon as they are known to the public
prosecutor, but that can be deferred as long as the purpose of the investigation would
be endangered.99
In the UK, banking surveillance is established within the legislation providing
for investigations of criminal assets for confiscation, or money laundering offences,
the 2002 Proceeds of Crime Act (POCA), § 370–375.100 Law-enforcement may
apply before a court for the issuance of an account monitoring written order, which
lasts up to 90 days (but might be extended). In case of any investigations, the order
may be granted if there are “reasonable grounds for believing that account informa-
tion which may be provided in compliance with the order is likely to be of substan-
tial value (whether or not by itself) to the investigation for the purposes of which the
monitoring of banking transactions. Indeed, according to CCP, Article 60-1, a judicial police offi-
cer may order any person, establishment or organisation, whether public or private, or any public
services likely to possess any documents relevant to the inquiry in progress, including those pro-
duced from a registered computer or data processing system, to provide them with these docu-
ments, unless legal privileges apply”, cf. also Tricot (2012), p. 241.
97
Cf. Article 90-ter, §§ 2 to 4 of the Belgian Crim. Proc. Code; see also Panzavolta (2016), p. 377.
98
Cf. International Monetary Fund (2011), p. 110; Panzavolta (2016), p. 375; Peçi (2012), p. 95.
99
Cf. Section 116(5) of the Austrian Criminal Procedure Code. See also Kert and Lehner (2012),
p. 9.
100
Cf. Howse (2012), pp. 154–155.
order is sought” or if there are “reasonable grounds for believing that it is in the
public interest for the account information to be provided, having regard to the ben-
efit likely to accrue to the investigation if the information is obtained”. In the case
of a money laundering investigation, reasonable grounds shall concern the fact that
“the person specified in the application for the order has committed a money laun-
dering offence”.101
Lastly, in Italy, according to the recent legislation introduced by the legislative
decree transposing the EIO Directive, real-time monitoring of banking data seems
to follow the same regulation established for wiretapping. According to it, the mea-
sure shall be authorized by a judge, and may last 15 days (40 in case of especially
serious crimes), a term which could be extended.102
Whether, and if so, how real-time monitoring of banking records applies in the
EU remains therefore today an issue mainly determined by national diverging regu-
lation. Risks of potential abuses and violations of fundamental rights however, pres-
ent an increasingly supranational, if not global dimension. As of June 2017, indeed,
all payment service providers in the EU may implement forms of real-time monitor-
ing of payment transactions according to Regulation 2015/847, and, as of May
2017, data gathered with (not harmonised) surveillance techniques can circulate
among Member States with European Investigation Orders. As it clearly emerges
also by the US example, moreover the absence of a clear legal framework does not
mean that these intrusive forms of banking surveillance are not actually put into
place.
7.6 Real-time Monitoring of Banking Data in the US
According to the law on the books, in principle the US Government should not have
access to citizens’ financial records without a special authorization for doing so—
authorization that, in compliance with the Right to Financial Privacy Act of 1978
(12 U.S.C. § 3401–3422), may be granted directly by the affected individual, or by
a public competent authority.103
In this last case, several legal tools may be applied to get access to banking data,
four of which are especially relevant to the theme here analysed: (i) Court Orders;
(ii) Judicial or Grand Jury Subpoena; (iii) Administrative Subpoena or Summons;
101
Cf. POCA, § 371.
102
Cf. Article 267 Italian c.p.p.
103
P.L. 95-630, codified at 12 U.S.C. Chapter 35 (§ 3401–3422); cf. in particular, 12 U.S.C. § 3404.
7.6 Real-time Monitoring of Banking Data in the US 309
and (iv) Probable Cause Search Warrant.104 These investigative techniques, briefly
described hereinafter, differ for the circumstances, generally determined by the law,
in which they may be applied, and on other relevant legal profiles, such as the extent
of powers recognised to the judiciary, and the burden of proof on the government.
The latter may also use a formal written request to obtain financial information;
however, since this request is not coercive, financial institutions remain free to
decide whether to comply with it or not.105
7.6.1 Court Order
In this case, the government needs to obtain a court order before acquiring the
(financial) information sought. According to the burden of proof that it must comply
with, it is possible to distinguish between:
Relevance Court Order
The government may obtain the order merely by certifying to a court that the infor-
mation likely to be obtained is relevant to a law-enforcement investigation.
Examples of this case can be found in 18 U.S.C. § 3123, that describes the
process for obtaining an order under the Pen Register and the Trap and Trace
Device statute.106 Similarly to the EU data retention directives,107 this regulation
enables the government to collect “external data” (i.e. everything that is non-
104
For the complete list, see Table 2 in Kerr (2003b). See also Stevens and Doyle (2002).
105
Cf. 12 U.S.C. § 3408(2); see also US Attorneys’ Manual, Criminal Resource Manual (hereinaf-
ter “CRM”). §§ 408–409. https://www.justice.gov/usam/criminal-resource-manual. Accessed 19
July 2018.
106
Enacted as Title III of the ECPA, P.L. 99-508, codified at 18 U.S.C. § 3121 et seq. “Pen register”
is defined by 18 U.S.C. 3127(3) as “a device or process which records or decodes dialing, routing,
addressing, or signaling information transmitted by an instrument or facility from which a wire or
electronic communication is transmitted, provided, however, that such information shall not
include the contents of any communication, but such term does not include any device or process
used by a provider or customer of a wire or electronic communication service for billing, or record-
ing as an incident to billing, for communications services provided by such provider or any device
or process used by a provider or customer of a wire communication service for cost accounting or
other like purposes in the ordinary course of its business”.
107
Directive 2002/58/EC, and Directive 2006/24/EC of 15.03.2006 on the retention of data gener-
ated or processed in connection with the provision of publicly available electronic communications
services or of public communications networks and amending Directive 2002/58/EC (OJ 2006 L
105, p. 54), the latter annulled by the notorious case Digital Rights Ireland, Case C-293/12, cf.
Sect. 2.3.3, note 263, and Sect. 8.2.
content108), with specific focus on phone communications and, after the USA
Patriot Act, in line with the practice previously followed by the US Department of
Justice, on internet data.109 Under this statute, an order can authorize the installa-
tion and use of the tracking device for a period not exceeding 60 days, which may
be extended.110
Articulable Facts Court Order
To obtain an order, the government must offer specific and articulable facts, estab-
lishing reasonable grounds to believe the information to be obtained is both relevant
and material to an ongoing criminal investigation. An example in this sense is pro-
vided for by the Stored Wire and Electronic Communications and Transactional
Records Access Act (SCA), which allows the retrospective tracking of electronic
communication service providers, concerning wire or electronic communications.111
According to 18 U.S.C. § 2703(d), the government, giving prior notice to the sub-
scriber/customer, can obtain a court order to require an internet service provider (of
remote computing service, or of electronic communication service) to disclose the
records (i.e. content) or any other information of wire or electronic communication
pertaining to that subject, that the provider has stored for more than 180 days.
According to the same provision, if “the information or records requested are unusu-
ally voluminous in nature or compliance with such order otherwise would cause an
undue burden”, service providers may file a motion to have the order quashed or
modified.
108
47 U.S.C. § 102(a)(2); United States v. Espudo, 954 F.Supp.2d 1029, 1039 (S.D. Cal. 2013).
109
On the USA Patriot Act see also above, Sect. 5.2.
For an of the impact of the USA Patriot Act on the Pen Register see, e.g., Guernsey (2001);
contra, under an academic perspective, Kerr (2003b), sustaining that the Act did not expand law
enforcement powers dramatically, but made mostly minor amendments to the electronic surveil-
lance laws, many of which actually protecting privacy and civil liberties.
110
The order shall contain “(A) the identity, if known, of the person to whom is leased or in whose
name is listed the telephone line or other facility to which the pen register or trap and trace device
is to be attached or applied; (B) the identity, if known, of the person who is the subject of the crimi-
nal investigation; (C) the attributes of the communications to which the order applies, including the
number or other identifier and, if known, the location of the telephone line or other facility to
which the pen register or trap and trace device is to be attached or applied, and, in the case of an
order authorizing installation and use of a trap and trace device under subsection (a)(2), the geo-
graphic limits of the order; and (D) a statement of the offense to which the information likely to be
obtained by the pen register or trap and trace device relates”.
111
Enacted as Title II of the Electronic Communications Privacy Act (ECPA) of 1986 P.L. 99-508,
codified at 18 U.S.C. § 2701 et seq.
7.6.2 Judicial or Grand Jury Subpoena
Judicial subpoenas are particular court orders, for instance to produce financial
records, governed by 12 U.S.C. § 3407.112 The addressee(s) must comply with it, or
file a sworn statement and motion to quash the subpoena in an appropriate court.113
Failure to comply with the order, without having challenged it, may result in the
addressee being held in contempt before court.
According to 12 U.S.C. § 3410, the affected individual(s) (“customers”) can file
a motion to quash subpoena, summons, or formal written requests in the appropriate
United States district court, within 10 days of service or within 14 days from their
notification.
The court rejects the motion, if the applicant is not the customer to whom the
records are pertaining, or if there is a demonstrable reason to believe that the records
sought are relevant to the inquiry. If that is not the case, or if due procedural rules
have not been complied with by the Government, the motion shall be granted.114
According to § 3414, however, the rules provided above shall not apply whether
access to financial records is necessary to conduct foreign counter or positive-
intelligence activities carried out by the Prosecutions service or other Government
authorities or by the Secret Service, or intelligence or counterintelligence investiga-
tions related to international terrorism.115
The subpoena shall be served together with the following notice: “Records or information con-
112
cerning your transactions which are held by the financial institution named in the attached subpena
are being sought by this (agency or department or authority) in accordance with the Right to
Financial Privacy Act of 1978 [12 U.S.C. 3401 et seq.] for the following purpose: If you desire that
such records or information not be made available, you must:
1. Fill out the accompanying motion paper and sworn statement or write one of your own,
stating that you are the customer whose records are being requested by the Government
and either giving the reasons you believe that the records are not relevant to the legiti-
mate law enforcement inquiry stated in this notice or any other legal basis for objecting
to the release of the records.
2. File the motion and statement by mailing or delivering them to the clerk of the…Court.
3. Serve the Government authority requesting the records by mailing or delivering a copy
of your motion and statement to…
4. Be prepared to come to court and present your position in further detail.
5. You do not need to have a lawyer, although you may wish to employ one to represent you
and protect your rights. If you do not follow the above procedures, upon the expiration
of ten days from the date of service or fourteen days from the date of mailing of this
notice, the records or information requested therein will be made available. These
records may be transferred to other government authorities for legitimate law enforce-
ment inquiries, in which event you will be notified after the transfer.
113
12 U.S.C. § 3407; see also CRM §§ 408–409.
114
See also CRM 415. In this latter case, the right to judicial review is subject to a statute of limita-
tion of 3 years from the date on which the violation occurs or the date of discovery of such viola-
tion, whichever is later, cf. 18 U.S.C. § 3511 and 12 U.S. Code § 3416.
115
12 U.S.C. § 3414(a) (1) (A)(B)(C). On the exceptionalism of foreign intelligence see, e.g.,
Taipale (2007), and Kerr (2014).
When these interests are at stake, the Director of the FBI is required to certify in
writing to the financial institution that such records are sought for the purposes
illustrated, to proof that the investigation is not conducted solely upon the basis of
activities protected by the First Amendment to the Constitution (freedom of
speech).116 Notably, such protective clause cannot be invoked in favour of all targets
of an investigation, as it applies only to United States nationals (while financial
records may concern also other nationals).117
Further exceptions are also provided in case obtaining financial records is urgent
due to imminent danger of physical injury to any person; serious property damage;
or flight to avoid prosecution.118 In such circumstances, the Government may acquire
the records after the submission of a certificate, signed by a supervisory official of
a designated rank, together with the specific identification of the customer, entity, or
account to be used as the basis for the production and disclosure.119
Grand Jury Subpoena
Where a Grand Jury proceeding is established (i.e. in case of especially serious

offences120), the latter—which acts under the authority of a US federal court, and is
supervised by a US federal prosecutor—has the power of issuing a particular kind
of subpoena ordering the production of financial records.121 With such subpoena
116
“Congress shall make no law respecting an establishment of religion, or prohibiting the free
exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people
peaceably to assemble, and to petition the government for a redress of grievances”.
117
12 U.S.C. § 3414(a)(5)(A). The information so gathered may be shared by the FBI only following
the cases provided in the Attorney General’s guidelines for foreign intelligence collection and foreign
counterintelligence investigations, and only if such information is clearly relevant to the authorized
responsibilities of such agency. Such activity shall be periodically reported to the competent
Congressional Committees by the Attorney General. On the subjective limitations to US nationals, see
also Electronic Privacy Information Center (EPIC) (2018). Cf. also Gross (2002); Vervaele (2007).
118
12 U.S.C. § 3414(b)(1).
119
12 U.S.C. § 3414(b).
120
A Grand Jury is “a body of (usu. 16 to 23) people who are chosen to sit permanently for at least
a month—and sometimes a year—and who, in ex parte proceedings, decide whether to issue
indictments”. According to the “Grand Jury Clause” of the Fifth Amendment, an indictment by a
grand jury is required before a person can be tried for serious offenses, when the public interests
so required, cf. Garner (2014), pp. 814–815. For an overview on grand jury issues, see, e.g.,
O’Sullivan (2016), p. 795.
121
“Although the Act is clear on the point that grand jury subpoenas are excepted, 12 U.S.C. §
3413(i), one financial institution has argued that grand jury subpoenas are a form of “judicial sub-
poena” and therefore subject to the customer notice and challenge requirements of 12 U.S.C. §
3407. The court considering this argument, however, held that grand jury subpoenas are not “judi-
cial subpoenas” within the meaning of the Act. In re Subpoena to Testify Before the Grand Jury
Issued to the Commonwealth Nation Bank, Civil Action No. 79-349, Misc. 7924, slip op. (M.D. Pa.,
April 6, 1979)”, cf. CRM § 408. See also US v. R. Enterprises, Inc., 498 U.S. 292, 298, 111 S. Ct.
722, 112 L. Ed. 2d 795 (1991), which underlines the difference between a grand jury subpoena and
a trial subpoena, that can be quashed according to the test set up by US v. Nixon, 418 U.S. 683,
699–700, 94 S. Ct. 3090, 41 L. Ed. 2d 1039 (1974).
(known as duces tecum s.), the Grand Jury may order a subject to produce docu-
ments pertinent to a proceeding, including financial records, without the possibility
for the addressee(s) to challenge the request under 12 U.S.C. § 3410, and substan-
tially, for any reason different from the clause against self-incrimination established
in the Fifth Amendment.122
7.6.3 Administrative Subpoena or Summons
Different conditions apply to administrative summons or subpoena, which may be

issued if there is reason to believe that the records sought are relevant to a legitimate
law enforcement inquiry. They consist of “a judicially enforceable demand for
records issued by a government authority which is authorized by some other provi-
sion of law to issue such process”.123 In these cases in fact, it is the Government, and
122
Although the case-law of the USSC has drastically downsized the possibility for these subjects
to invoke the Fifth Amendment protection too (cf., e.g., Braswell v. US, 487 U.S. 99, 108 S. Ct.
2284, 101 L. Ed. 2d 98, 88-2 U.S. Tax Cas. (CCH) P 9546, 25 Fed. R. Evid. Serv. 609, 25 Fed.
R. Evid. Serv. 632, 62 A.F.T.R.2d 88-5724 (1988); Hale v. Henkel, 201 U.S. 43, 26 S. Ct. 370,
50 L. Ed. 652 (1906); In re Grand Jury Subpoena Issued June 18, 2009, 593 F.3d 155, 158 (2d Cir.
2010)). The peculiarity of the Grand Jury functions, as constantly affirmed by the Supreme Court
(see, e.g., US v. R. Enterprises, Inc., cit.; US v. Mechanik, 475 U.S. 66, 106 S. Ct. 938, 89 L. Ed. 2d
50 (1986), where the Court refused to dismiss an indictment solely because of the violation of Rule
6(d) of the Fed. R. Crim. P.) justifies to denial of most of the evidentiary rules protecting defen-
dants’ fundamental constitutional rights (such as the obligation for the prosecutor to disclose excul-
patory evidences, the prohibition of anchoring a decision on hearsay testimony, and the Fourth
Amendment exclusionary rule for illegally seized evidence). Quashing a subpoena, thus, becomes
extremely hard for the subjects involved in the investigations, both as targets and as witnesses,
especially when the target of the investigation is a corporation (including financial institutions).
123
12 U.S.C. § 3405; the subpoena shall be served together with the following notice “Records or
information concerning your transactions held by the financial institution named in the attached
subpena or summons are being sought by this (agency or department) in accordance with the Right
to Financial Privacy Act of 1978 [12 U.S.C. 3401 et seq.] for the following purpose: … If you
desire that such records or information not be made available, you must:
1. Fill out the accompanying motion paper and sworn statement or write one of your own,
stating that you are the customer whose records are being requested by the Government
and either giving the reasons you believe that the records are not relevant to the legiti-
mate law enforcement inquiry stated in this notice or any other legal basis for objecting
to the release of the records.
2. File the motion and statement by mailing or delivering them to the clerk of any one of
the following United States district courts: …
3. Serve the Government authority requesting the records by mailing or delivering a copy
of your motion and statement to …
4. Be prepared to come to court and present your position in further detail.
5. You do not need to have a lawyer, although you may wish to employ one to represent you
and protect your rights. If you do not follow the above procedures, upon the expiration
of ten days from the date of service or fourteen days from the date of mailing of this
notice, the records or information requested therein will be made available. These
records may be transferred to other Government authorities for legitimate law enforce-
ment inquiries, in which event you will be notified after the transfer; see also CRM §
408.
not a court, which issues the summons to the private party that possess the relevant
information, asking for its disclosure.
An example of administrative subpoena is given by the Inspector General Act of
1978, that at § 6(4) establishes that each Inspector General is authorized to “require
by subpoena the production of all information, documents, reports, answers, records,
accounts, papers, and other data in any medium (including electronically stored
information, as well as any tangible thing) and documentary evidence necessary in
the performance of the functions assigned by this Act, which subpoena, in the case
of contumacy or refusal to obey, shall be enforceable by order of any appropriate
United States district court”.124
Similarly to judicial subpoenas, also administrative subpoenas compel the holder
of financial records to supply the information required, and may be quashed at the
conditions provided for by 12 U.S.C. § 3410. This tool, however, presents two rather
peculiar features. First, administrative subpoenas represent an example of “indirect”
surveillance in which private parties have a major role, as the concrete surveillance
activity is not carried out by the Government, but by service providers that are
ordered to discover the records they collected (e.g. for business related reasons).
Second, in administrative subpoenas, courts play only a marginal role: They are
involved exclusively if the Government wishes to compel the addressee of the sub-
poena not to reveal its customers that access to their information was requested. To
obtain a legally binding non-disclosure effect, the Government shall request a court
the issuance of an order towards the addressee of the subpoena.
7.6.4 Probable Cause Search Warrant
Lastly, pursuant to Rule 41 of the Federal Rules of Criminal Procedure (Fed.

R. Crim. P.), a prosecutor or a federal law-enforcement officer authorized by the
Attorney General, may request a search warrant before the magistrate judge geo-
graphically competent for the interested district.125
According to the Fourth Amendment, search warrants are granted only if there is
probable cause to believe that the search, or the installation and use of a tracking
device126 is justified in light of the facts offered by the Government, which shall
establish a likelihood that a crime has occurred, and that evidence of the latter exists
124
U.S.C. Title 5, appendix.
125
Cf. Fed. R. Crim. P., Rule 41 (b)(c)(d).
According to 12 U.S. Code § 3406 (b)(c) the warrant shall be served together with the follow-
ing notice: “Records or information concerning your transactions held by the financial institution
named in the attached search warrant were obtained by this (agency or department) on (date) for
the following purpose: … You may have rights under the Right to Financial Privacy Act of 1978
et seq.]”. Cf. also CRM § 407.
126
“Tracking device” is defined by 18 U.S.C. § 3117 (b) as “an electronic or mechanical device
which permits the tracking of the movement of a person or object”.
in the location to be searched.127 When the request concerns information to be

sought with a tracking-device, the warrant shall: Identify the person(s) or property
to be tracked, designate the magistrate judge to whom it must be returned, and
specify a reasonable length of time for the device to be used, which must not exceed
45 days from its issuing, and may be extended for a reasonable period, again not to
exceeding 45 days each. No later than 90 days after the search warrant has been
served, the customer shall be notified a copy of the warrant, unless a delay is granted
by the court.128
An example in this sense may be found again in the Stored Wire and Electronic
Communications and Transactional Records Access Act (SCA) where it is estab-
lished that, as provided for by 18 U.S.C. § 2703(a), if the Government is not willing
to afford prior notice to the subscriber/customer, it has to obtain a search warrant
before ordering a provider of electronic communication service to disclose the con-
tents of wire or electronic communications stored for 180 days or less.
“Super” Search Warrants Among the category of search warrants, there are also
particularly safeguarded situations, in which the Government needs to meet a higher
threshold than that of “normal” warrants.129 That is for instance the case of the
Wiretap Act, which authorizes the Government to intercept wire or oral communi-
cations, but only complying with specific procedural requirements.130 In particular,
18 U.S.C. § 2516 compels law-enforcement agents to submit their request to a pros-
ecutor; the latter is then required to obtain a judicial authorization before starting the
monitoring procedures. Interceptions may be used only as extrema ratio, i.e. after
the exhaustion of other traditional investigative techniques, and exclusively to pros-
ecute a limited number of offences. Unless the court grants an extension, wiretap-
ping cannot last for more than 30 days, and information so obtained needs to be
secured and placed under seal. Subjects intercepted shall be notified within a rea-
sonable time, and not later than 90 days after the expiration of the order.
As anticipated, according to the applicable statutory law, formal written requests,
judicial and Grand Jury subpoenas, administrative summons and search warrant are
the investigative tools that the Government may use to access electronic records,
including financial and banking data. However, while no question concerning the
identification of the applicable legal basis arises with regard to the collection of pre-
existing or pre-stored information, also in the US several critical issues emerge
when data are to be collected real-time. This situation persists regardless of the
reform carried out to adjust the legal framework to the new technological
challenges.
127
12 U.S. Code section 3406; see also CRM § 407. Cf. also Taslitz (2013).
128
Fed. R. Crim. P., Rule 41 (e)(c).
129
So defined by Kerr (2003b).
130
The Wiretap Act was first passed as Title III of the Omnibus Crime Control and Safe Streets Act
of 1968 (P.L. 90-351), and is thus generally known as “Title III”, codified at 18 U.S.C. §
2510–2522.
The reference goes here especially to the Electronic Communications Privacy

Act (ECPA), which in 1968 amended the aforementioned Wiretap Act, introducing
in the US Code the Pen Register statute and Store Wire and Electronic
Communications Act (also already mentioned). None of these statutes, indeed, pro-
vides for satisfactory legal bases for the real-time monitoring of banking data.
On one side, the scope of the Stored Communications Act (SCA) covers the
tracking of electronic communication service providers concerning wire or elec-
tronic communications, both in their “content” and “non-content” details. The SCA,
however, as the same title suggests, is limited only to “stored records” and not to
future ones. Moreover, it is also hardly applicable to financial institutions, since
banks are not electronic communication service providers. On the other side, both
the Wiretap Act and the Pen Register statute regulate prospective real-time informa-
tion gathering, including also that on the Internet. The first Act regulates access to
the content of communications (requiring a “super” search warrant) and the second
to non-content information (requiring a relevance court order). Taking into account
its pervasiveness, banking surveillance could theoretically fall under the scope of
the Wiretap Act, but according to 18 U.S.C. § 2510(12), financial transactions are
specifically excluded from the definition of electronic communications, and that
lays a substantial obstacle in applying provisions drawn for communicative contents
to banking transactions.131
The only piece of legislation which seems able to provide legal basis to real-time
monitoring of banking records remains therefore the Pen Register statute. It how-
ever does not provide for strong guarantees for the individuals affected by such
measures.
As anticipated, in fact, a Pen Register request for information requires only a
relevance court order, in which the judiciary is recognized just a limited reviewing
power, and the Government is conferred a great discretion. The Pen Register statute,
moreover, contrary to the Wiretap Act, does not provide for exclusionary rules to
sanction potential violations, a lacuna which seems rather ominous in light of the
great relevance of surveillance practices in the US.132
This lacuna, actually, has been identified by legal scholars as one of the reasons
why real-time monitoring of banking data as long been “virtually ignored” by the
US legal system: Indeed, due to the lack of exclusionary rules, US courts “only
131
Cf. 18 U.S.C. § 2510(12), according to which: ““electronic communication” means any transfer
of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole
or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects
interstate or foreign commerce, but does not include—[…] (D) electronic funds transfer informa-
tion stored by a financial institution in a communications system used for the electronic storage
and transfer of funds”.
132
Proposing to introduce a suppression remedy Kerr (2003a), according to “such a change would
create a strong incentive for defendants to challenge the government’s surveillance practices in
court. In so doing, it would create a forum for the courts to apply the statutes in criminal cases,
which would clarify both to the government and the public what powers the government can exer-
cise to investigate Internet crime, as well as the limits on those powers” which also the US
Department of Justice should be found useful.
rarely encounter challenges to Internet surveillance practices”.133 Hence, questions

on the basic working of this investigative technique can be found in judicial deci-
sions much less frequently than it would be expected, taking into account the practi-
cal application of this measure.134 All these elements contribute in making today the
identification of adequate legal basis for real-time monitoring of (banking) data and
its interpretation, rather uncertain.135
US courts also examine issues related to electronic surveillance in a relatively
limited number of cases due to the impossibility—caused by the US Supreme
Court’s (USSC) case-law—to invoke the Fourth Amendment protection in case of
records shared in informatics systems. Indeed, the purpose of the Electronic
Communications Privacy Act (ECPA) was to provide a protection equivalent to that
recognized for search and seizure under the Fourth Amendment also to electronic
communications. However, in the jurisprudence of the Supreme Court, no expecta-
tion of privacy, and thus no protection under this Constitutional clause may be
invoked when a subject has revealed a piece of information to third parties.
This “disclosure principle” or “third party doctrine” has been broadly interpreted
by the USSC, that applies it also to non-public disclosures made to non-human
beings, such as phones or electronic devices,136 or, for the issue here at stake, to the
133
And when they do, the challenges tend to be in civil cases between private parties, since exclu-
sionary rules are here substituted with strong provisions of civil law liabilities, cf. Kerr (2003a),
who highlights that “Owing to the near-total absence of criminal precedents interpreting these
statutes, a court often will have little sense of how its decision fits within the context of criminal
cases, or even that the decision will have any implications at all for criminal law […] When the
resulting civil precedents are applied in a criminal context, however, the decisions can have sur-
prising and disturbing implications for routine criminal investigations”.
134
Kerr (2003a), who reports how “In the more than fifteen years since Congress enacted the mod-
ern Internet surveillance laws, only a trickle of cases have emerged that shed light on any part of
them […] Because Congress has not provided a statutory suppression remedy, criminal defendants
have little incentive to raise challenges to the government’s Internet surveillance practices. Absent
defense challenges, courts rarely encounter disputes alleging violations of those laws, and few
decisions result […] When defendants raise these challenges, the courts generally reject them
without reaching the merits on the ground that no suppression remedy exists”, even if exceptions
do exist.
135
In this sense, Kerr (2004).
136
Cf. Smith v. Maryland 442 U.S. 735, 442 (1979), according to which “Petitioner in all probabil-
ity entertained no actual expectation of privacy in the phone numbers he dialed, and even if he did,
his expectation was not “legitimate.” First, it is doubtful that telephone users in general have any
expectation of privacy regarding the numbers they dial, since they typically know that they must
convey phone numbers to the telephone company and that the company has facilities for recording
this information and does, in fact, record it for various legitimate business purposes. And petitioner
did not demonstrate an expectation of privacy merely by using his home phone, rather than some
other phone, since his conduct, although perhaps calculated to keep the contents of his conversa-
tion private, was not calculated to preserve the privacy of the number he dialed. Second, even if
petitioner did harbor some subjective expectation of privacy, this expectation was not one that
society is prepared to recognize as “reasonable”. When petitioner voluntarily conveyed numerical
information to the phone company and “exposed” that information to its equipment in the normal
course of business, he assumed the risk that the company would reveal the information”.
More specifically on the internet see, e.g., Guest v. Leis, 255 F.3d 325, 335-36 (6th Cir. 2001),
finding no expectation of privacy in non-content information disclosed to ISP; United States v.
Internet, and to financial institutions (e.g. in case of a bank account).137 Following

this settled case-law, therefore, the Fourth Amendment clause does not apply to
internet communications and data (including banking digital data), with the result,
among others, that if the ECPA provisions are violated, this is “only” a statutory and
not a Constitutional violation. When, such as in the case of the Pen Register statute
(but also of the Stored Communications Act), the Congress did not provide for spe-
cific exclusionary rules in the legislation, the level of protection for the individuals
affected by these surveillance measures is therefore rather limited, including possi-
bilities for the latter to claim procedural or substantial violations before a court. This
interpretation was recently confirmed in Carpenter v United States (2018), where
the Court was called to judge upon the legitimacy of the warrantless search and
seizure of cell-site location information through a SCA disclosure order over the
course of 127 days. The USSC, indeed, recognised in the specific case a Fourth
Amendment’s protection, and thus an obligation for the Government to show prob-
able cause to obtain the records. However, it also explicitly confirmed the validity
of the third-party doctrine (at least formally), and simply created an exception
grounded on the supposed (and widely challengeable) “unique nature” of cell-site
location information.138
To this background, it should be added that a rather worrying practice has been
revealed in the US in the last decades. Thanks to a claim filed by a private citizen for
releasing information on the Government’s procedure of tracking individuals via
real-time measures,139 it emerged in fact that US prosecutors and law-enforcement
are not obtaining financial data through Pen Register Relevance Court Orders
Hambrick, 55 F. Supp. 2d 504, 508-09 (W.D. Va. 1999), aff’d, 225 F.2d 656 (4th Cir. Aug. 3, 2000);
United States v. Kennedy, 81 F. Supp. 2d 1103, 1110 (D. Kan. 2000). Cf. also Balkin (2008), p. 19.
On the nature of right to privacy, see the landmark case Katz v. United States, 389 U.S. 347
(1967). Critical on this issue Kerr (2003b), and Kerr (2003a). Reflecting on the role of third-parties
(in a pre-digital context) in the scope of privacy and secrecy, Caprioli (2000), pp. 30–32.
137
Cf. United States v. Miller, 425 U. S. 435,443 (1976), according to which there is no expectation
of privacy in financial records held by a bank, as revealing financial affairs to a financial institution
implies taking “the risk […] that the information [would] be conveyed by that person to the
Government” and “There is no legitimate “expectation of privacy” in the contents of the original
checks and deposit slips, since the checks are not confidential communications, but negotiable
instruments to be used in commercial transactions, and all the documents obtained contain only
information voluntarily conveyed to the banks and exposed to their employees in the ordinary
course of business”. Cf. also Blitz (2013); Lafave et al. (2017); Dennis (2011); Kerr (2010);
Slobogin (2007).
138
Carpenter v. United States, 585 U.S. ____ (2018), p. 11, see also Justice Kennedy and Alito’s
dissenting opinions, in favour of the doctrine, but concluding that the decision will make it de facto
inapplicable on fairly predictable basis. See also below, Sect. 8.2, sub 7).
139
The claim has been filed by Christopher Soghoian, a cyber-security and privacy researcher,
under the Freedom of Information Act, 5 U.S.C. ß 552 (2006), and was answered almost a year
later, in 2010, see Soghoian (2014).
(despite the wide discretion already granted by this tool), but rather using adminis-
trative subpoenas, issuing orders that go under the name of “Hotwatch”.140
According to the limited information (a mere power-point presentation, partially
censored) released in 2010 by the Department of Justice (DOJ), Hotwatch orders
represent a consolidated practice of electronic surveillance over citizens’ financial
records, and in particular over credit card transactions, retail shopping member
cards, calling cards, cell phones, travel agencies (e.g. rental car, airlines) and travel
reservations.141 To activate the orders, all that federal agencies allegedly have to do
is to contact the credit card security department, explain why the information is
relevant to the criminal investigation, and eventually send an administrative sub-
poena with a court order for non-disclosure addressed to the financial institutions,
“preventing them from telling their customers that the government has spied on
their financial transactions”.142
The Government can therefore directly compel financial institutions to monitor
ongoing and future banking transactions involving their own customers, and conse-
quently obtain all needed details concerning date, time and location of account
transactions, as they occur.
The use of administrative subpoenas to perform real-time surveillance measures
raises severe concerns, due to the low level of controls intrinsic to this mechanism.
For instance, it has been reported of law-enforcement investigators, especially at
State level, going directly to the court, and obtaining Hotwatch orders without even
previously discussing or vetting the application with a prosecutor.143
The main concern, however, is not represented by the lack of prosecutorial over-
sight, but rather by the limited role played by courts in this procedure. As previously
illustrated, in fact, the use of administrative subpoenas permits the judge to inter-
vene only in an eventual and subsequent way (within the non-disclosure order). The
court, therefore, is not entitled to conduct any Fourth Amendment analysis on the
140
DOJ (2010), reporting that “Records may be obtained via:
Administrative subpoena with a Court order for Non-Disclosure (preferred way) [bold in the
original]
Administrative subpoena with Ex Parte order (90 day delay of notice)
Search Warrant
Grand Jury subpoena (past records only)”.
141
This notwithstanding, “the US Department of Justice found 10 relevant documents in response
to the author’s Freedom of Information Act request, but has refused to deliver them”, cf. Soghoian
(2010), note 193.
142
Cf. DOJ (2010), and Soghoian (2014).
143
“In Freedman v. America Online, 303 F.Supp.2d 121 (7th Cir. 2005), over-zealous law enforce-
ment officers presented a search warrant application to America Online (“AOL”) which had been
reviewed or signed by a judge. AOL complied with the invalid warrant, and the person whose email
account information had been disclosed sued the law enforcement officers as well as AOL. The
claims against AOL were dismissed pursuant to a forum selection clause in the plaintiff’s subscrip-
tion agreement with AOL. The claims against the law enforcement officers survived summary
judgment”, cf. Denney and Parker (2015), p. 1.
existence of a probable cause to enforce the surveillance measure, that is to say, the
court does not have any real power of reviewing the merit of the measure.144
This profile is even more critical considering that the existence of a legitimate
legal basis for the Government to obtain such summons appears rather uncertain.145
The process requested by the Pen Register statute illustrated above, which currently
is the only US piece of legislation that could explicitly include banking surveillance
in its scope, is indeed incompatible with the feeble oversight requested by adminis-
trative subpoenas, and therefore cannot represent a proper legal basis to issue
Hotwatch orders.
According to legal scholars and public available sources, currently the US
Government appears to seek these administrative subpoenas mainly pursuant to the
All Writs Act, a very broad piece of legislation characterized by a quite vague sub-
ject matter, which allows courts to issue “all writs necessary or appropriate in aid of
their respective jurisdictions and agreeable to the usages and principles of law”.146
The All Writs Act, for instance, was identified by the Government as the legal basis
to try at forcing Apple to grant access to the data contained in the iPhone of the St.
Bernardino’s terrorist attacker.147 While generally what is sought under this statute
is pre-existing evidence, some case-law also supports the application of the All
Writs Act towards future records, even if not explicitly the installation of real-time
tracking devices.148 Both cases, anyway, seem to “grant the executive branch author-
ity to use investigative techniques either explicitly denied it by the legislative branch,
or at a minimum omitted from a far-reaching and detailed statutory scheme that has
received the legislature’s intensive and repeated consideration”.149 Although to date,
no court appears to have explicitly confirmed the legitimacy of using the All Writs
Act as a proper legal basis for banking surveillance, it is not far-fetched to imagine
its application also in this field, especially in cases where interests, particularly
“alarming” for the US criminal justice policy, are at stake.
Lastly, adding concern to concern, administrative subpoenas are, as anticipated,
based on a mechanism of indirect surveillance, which delegates real-time monitor-
ing tasks on private parties that (by default) apply standards, rules and (if any) safe-
guards that are usually not disclosed to the public, and therefore hard to be
democratically controlled and effectively reviewed. As it was brilliantly summa-
rized “Each type of surveillance requires trust in someone; the difference comes in
144
See, e.g., Davis (2012).
145
Denney and Parker (2015), p. 4. See also Singel (2010).
146
The All Writs Act, originally established as part of the Judiciary Act of 1789 (1. Stat. 73), then
repeatedly modified starting from 1911, is codified at 28 U.S.C. § 1651.
147
Cf., e.g., Lewis (2016). In this sense, see, for all, Electronic Privacy Information Center (2016).
148
Cf., e.g., United States v. Doe, 537 F. Supp. 838 (1982) at 839, ordering the disclosure of phone
calls records for the following 6 months; In re Application of the U.S.A. For an Order Directing X
To Provide Access to Videotapes, 2003 WL 22053105, No. 03-89 (22.08.2003 D. Md.), concerning
the subsequent production of videotapes from a camera installed in an apartment hallway.
149
Cf. In re Authorizing Use of a Pen Register, 384 F.Supp.2d 562 (E.D.N.Y. 2005), concerning an
order reaffirming denial of government’s phone tracking request, available online.
References 321
who receives the grant of trust. Direct surveillance asks us to trust the government,
and indirect surveillance asks us to trust the provider”.150
In a context in which either the Government and the providers are operating
without clear legal boundaries and oversight (at statutory level, or by courts), this
alternative does not look reassuring either way.
In this sense, the Hotwatch example shows how introducing clear surveillance
measures and procedures in domestic legal systems is increasingly urgent and nec-
essary. A lack of legal bases indeed does not mean that real-time surveillance is not
actually being implemented. On the contrary, it often results in the discretional and
uncontrolled exercise of intrusive powers by public, or private authorities in disre-
gard of defence and privacy rights of the affected individuals.
References
Allegrezza S (2010) Critical remarks on the Green Paper on obtaining evidence in criminal matters
from one member state to another and securing its admissibility. ZIS 9:569
Allegrezza S (2014) Collecting criminal evidence across the European Union: the European inves-
tigation order between flexibility and proportionality. In: Ruggeri S (ed) Transnational evi-
dence in multicultural inquiries in Europe developments in EU legislation and new challenges
for human rights-oriented criminal investigations in cross-border cases. Springer, Heidelberg,
p 51 et seq
Armada I (2015) The European investigation order and the lack of European standards for gather-
ing evidence is a fundamental rights-based refusal the solution? New J Eur Crim Law 6(1):8
Bachmaier Winter L (2010) European investigation order for obtaining evidence in the criminal
proceedings study of the proposal for a European Directive. ZIS 9:580
Bachmaier Winter L (2013) Transnational criminal proceedings, witness evidence and confronta-
tion: lessons from the ECtHR’s case law. Utrecht Law Rev 9(4):127
Balkin JM (2008) The constitution in the National Surveillance State. Faculty Scholarship Series.
Paper 225
BBC (2012) HSBC money laundering report: key findings, 11 December 2012. https://www.bbc.
co.uk/news/business-18880269. Accessed 19 July 2018
Bernal P (2016) Data gathering, surveillance and human rights: recasting the debate. J Cyber
Policy 1(2):243–264
Blitz MJ (2013) The Fourth Amendment future of public surveillance: remote recording and other
searches in public space. Am Univ Law Rev 63:21
Caianiello M (2016) Verso l’attuazione della direttiva ue sull’ordine europeo di indagine penale.
In: Caianiello M, Di Pietro A (eds) Indagini penali e amministrative in materia di frodi IVA
e doganali. L’impatto dell’European Investigation Order sulla cooperazione transnazionale,
Cacucci, Bari, p 305
Caianiello M (2018) L’attuazione della direttiva sull’ordine europeo di indagine penale e le sue
ricadute nel campo del diritto probatorio. Cass pen 6:2197
Caprioli F (2000) Colloqui riservati e prova penale. Giappichelli, Torino
Carvajal D, Minder R (2013) A whistle-blower who can name names of Swiss Bank account hold-
ers. The New York Times, 8 August 2013
Cocq C, Galli F (2013) The catalysing effect of serious crime on the use of surveillance technolo-
gies for prevention and investigation purposes. New J Eur Crim Law 4(3):256
150
Kerr (2003b).
Daniele M (2017) L’ordine europeo di indagine penale entra a regime. Prime riflessioni sul d. lgs.
n. 108 del 2017. Dir pen cont, 28 luglio 2017
Davis B (2012) Prying eyes: how government access to third-party tracking data may be impacted
by United States v. Jones. New Eng Law Rev 46:843
De Amicis G (2002) Il protocollo della convenzione relativa all'assistenza giudiziaria in materia
penale tra gli stati membri dell'Unione europea fatta a Bruxelles il 29 maggio 2000. Cass pen,
fasc.1: 421
De Amicis G (2011) Limiti e prospettive del mandato di ricerca della prova. Dir pen cont, 5 aprile
2011
De Amicis G (2018) Dalle rogatorie all'ordine europeo di indagine: verso un nuovo diritto della
cooperazione giudiziaria penale. Cass pen, p 22
De Hert P, Weis K, Cloosen N (2009) The Framework Decision of 18 December 2008 on the
European evidence warrant for the purpose of obtaining objects, documents and data for use in
proceedings in criminal matters - a critical assessment. New J Eur Crim Law 1:55–78
Denney C, Parker C (2015) Bankers beware of so-called “Hotwatch” orders – are they even legal?
In: White Collar Crime Committee Newsletter, ABA-Criminal Justice Section’s White Collar
Crime Committee, Winter/Spring 2015
Dennis ES (2011) A Mosaic Shield: Maynard, the Fourth Amendment, and privacy rights in the
digital age. Cardozo Law Rev 33:737
Di Nicola A, Gounev P, Levi M, Rubin J, Vettori B (2015) Study on Paving the Way for Future
Policy Initiatives in the Field of Fight Against Organised Crime: The Effectiveness of Specific
Criminal Law Measures Targeting Organised Crime. Final report funded by the European
Commission, February 2015. https://ec.europa.eu/home-affairs/sites/homeaffairs/files/e-
library/docs/20150312_1_amoc_report_020315_0_220_part_1_en.pdf. Accessed 19 July 2018
DOJ (2010) Powerpoint Presentation on Hotwatch Surveillance Orders of Credit Card Transactions,
issued on 2 December 2010. https://www.scribd.com/document/44542244/DOJ-powerpoint-
presentation-on-Hotwatch-surveillance-orders-of-credit-card-transactions. Accessed 19 July
2018
Drüen K-D (2012) The mutual assistance directives. In: Rust A, Fort E (eds) Exchange of informa-
tion and bank secrecy. Wolters Kluwer, The Netherlands, p 80
Electronic Privacy Information Center (EPIC) (2016) Apple v. FBI CM 16-10 (SP) Central District
of California (Fourth Amendment) Brief of Amicus Curiae Electronic Privacy Information
Center (Epic) and Eight Consumer Privacy Organizations. https://www.epic.org/amicus/
crypto/apple/EPIC-Amicus-Brief.pdf. Accessed 19 July 2018
Electronic Privacy Information Center (EPIC) (2018) United States v. Microsoft 17-2, Whether the
Stored CommunicationsAct authorizes warrants for personal data stored outside of the United States.
https://www.supremecourt.gov/DocketPDF/17/17-2/28360/20180118172113162_17-2%20
bsac%20Electronic%20Privacy%20Information%20Center.pdf. Accessed 19 July 2018
Falato F (2018) La proporzione innova il tradizionale approccio al tema della prova: luci ed ombre
della nuova cultura probatoria promossa dall’ordine europeo di indagine penale. Arch pen,
no. 1. http://www.archiviopenale.it/la-proporzione-innova-il-tradizionale-approccio-al-tema-
della-prova-luci-ed-ombre-della-nuova-cultura-probatoria-promossa-dallordine-europeo-di-i-
ndagine-penale/articoli/15303. Accessed 19 July 2018
Felicioni P (2012) Le ispezioni e le perquisizioni. Giuffrè, Milano
Fitzgibbon W (2017) Where are they now? A year later, mixed fortunes for Panama Papers line-up.
ICIJ/Panama Papers, 3 April 2017. https://www.icij.org/investigations/panama-papers/year-
later-panama-papers-update/. Accessed 19 July 2018
Europe and the US. Hart, Oxford
FSB (2017) Financial Stability Implications from FinTech, June 2017. http://www.fsb.org/wp-
content/uploads/R270617.pdf. Accessed 15 July 2018
Garner BA (ed in Chief) (2014) Black’s law dictionary, 10th edn. Thomson Reuters, St. Paul
References 323
Garside J (2015) HSBC pays out £28m over money-laundering claims. The Guardian, 4 June
2015. https://www.theguardian.com/business/2015/jun/04/hsbc-fined-278m-over-money-laun-
dering-claims. Accessed 19 July 2018
Gross E (2002) The influence of terrorist attacks on human rights in the United States: the after-
math of September 11, 2001. N C J Int Law Commer Regul 28:1
Guernsey L (2001) Living under an electronic eye. The New York Times, 27 September 2001
Harris DJ, O’Boyle M, Beates EP, Buckley M (2014) Law of the European Convention on human
Henrichs C (2017) Steueroase in der EU. Mafia-Blut an Maltas Geld. Der Spiegel, 21 May 2017.
http://www.spiegel.de/wirtschaft/soziales/malta-files-wie-die-steueroase-die-mafia-anlockt-
a-1148446.html#ref=rss. Accessed 19 July 2018
Hess M (2012) Exchange of information: the swiss perspective. In: Rust A, Fort E (eds) Exchange
of information and bank secrecy. Wolters Kluwer, The Netherlands, p 169
Howse T (2012) England. In: Ligeti K (ed) Toward a prosecutor for the European Union, Volume
1: a comparative analysis. Hart, Oxford, p 133
Illuminati G (ed) (2009) Prova penale e Unione Europea–Atti del convegno L’Armonizzazione
della prova penale nell’Unione Europea. In: Facoltà di Giurisprudenza dell’Università di
Bologna, 18-19 aprile 2008, BUP, Bologna
International Monetary Fund (2011) Staff Country Reports, Kingdom of the Netherlands-
Netherlands: Detailed Assessment Report on Anti Money Laundering and Combating
the Financing of Terrorism, April 2011. https://www.imf.org/en/Publications/CR/
Issues/2016/12/31/Kingdom-of-the-Netherlands-Netherlands-Detailed-Assessment-Report-
on-Anti-Money-Laundering-24801. Accessed 19 July 2018
Kerr OS (2003a) Symposium: enforcing privacy rights: communications privacy: lifting the
“Fog” of internet surveillance: how a suppression remedy would change computer crime law.
Hastings Law J 54:805
Kerr OS (2003b) Internet surveillance law after the USA Patriot Act: the big brother that isn’t.
Northwest Univ Law Rev 97:607
Kerr OS (2004) The future of internet surveillance law: a symposium to discuss internet surveil-
lance, privacy & the USA Patriot Act: foreword: the future of internet surveillance law. George
Wash Law Rev 72:1139
Kerr OS (2009) The National Surveillance State: a response to Balkin. Minn Law Rev 93:2179
Kerr OS (2010) Applying the Fourth Amendment to the internet: a general approach. Stanford Law
Rev 62:1005
Kerr OS (2014) A rule of lenity for national security surveillance law. Va Law Rev 100:1513
Kert R, Lehner A (2012) Austria. In: Ligeti K (ed) Toward a prosecutor for the European Union,
Volume 1: a comparative analysis. Hart, Oxford, p 9
Lafave WR, Israel JH, King NJ, Kerr OS (2017) Criminal procedure, 6th edn. West Academic
Publishing, St. Paul
Lewis D (2016) What the all writs act of 1789 has to do with the iPhone. How a law signed by
George Washington is being applied to Apple. Smithsonian.com, 24 February 2016. https://
www.smithsonianmag.com/smart-news/what-all-writs-act-1789-has-do-iphone-180958188/.
Ligeti K (ed) (2012) Toward a prosecutor for the European Union Volume 1: a comparative analy-
sis. Hart, Oxford
Ligeti K (ed) (forthcoming publication) Toward a Prosecutor for the European Union, Vol 2. Hart,
Oxford
Luchtman M, Vervaele JAE (eds) (2017) Report. Investigatory powers and procedural safeguards:
Improving OLAF’s legislative framework through a comparison with other EU law enforce-
ment authorities (ECN/ESMA/ECB). https://dspace.library.uu.nl/.../Report_Investigatory_

powers_and_procedural_safeguards. Accessed 15 July 2018
M.V. (2016) The fall-out from Falciani. The Economist, 16 October 2013
Malagutti V, Riva G, Tizian G, Vergine S (2017) Malta Nostra: how Italian Mafia is using the island
to launder money. The Italian crime organization choose the Mediterranean state to invest in
new businesses. L’Espresso, 25 May 2017. http://espresso.repubblica.it/inchieste/2017/05/23/
news/malta-nostra-1.302445. Accessed 19 July 2018
Mangiaracina A (2014) A new and Controversial Scenario in the gathering of evidence at the
European level: the proposal for a directive on the European investigation order. Utrecht Law
Rev 10(1):113
MONEYVAL (2013) The Postponement of Financial Transactions and the Monitoring of Bank
Accounts, April 2013. https://rm.coe.int/research-report-the-postponement-of-financial-trans-
actions-and-the-mon/168071509b. Accessed 19 July 2018
O’Sullivan JR (2016) Federal white collar crimes, cases and materials, 6th edn. West Academic
Publishing, St. Paul
OECD (2005) Articles of the model convention with respect to taxes on income and on capital [as
they read on 15 July 2005]. http://www.oecd.org/tax/treaties/35363840.pdf. Accessed 19 July
2018
Panzavolta M (2016) Ordine di indagine europeo e indagini bancarie: spunti di riflessione sul con-
cetto di caso interno analogo e atto di indagine alternativo. In: Caianiello M, Di Pietro A (eds)
Indagini penali e amministrative in materia di frodi IVA e doganali. L’impatto dell’European
Investigation Order sulla cooperazione transnazionale. Cacucci, Bari, p 367
Peçi I (2012) The Netherlands. In: Ligeti K (ed) Toward a prosecutor for the European Union,
Sampathkumar M (2017) Amazon Echo could become key witness in murder investigation after
data turned over to police. Man on trial for murder has agreed to turn over audio data from his
smart home device. The Independent, 9 March 2017
Selvaggi E (2018) L’ordine europeo di indagine-EIO: Come funziona? Cass pen, p 44
Singel R (2010) Feds Warrantlessly Tracking Americans’ Credit Cards in Real Time, 12 February
2010. https://www.wired.com/2010/12/realtime/. Accessed 19 July 2018
Siracusano F (2012) Tra mutuo riconoscimento e armonizzazione preventiva: quali prospettive
per la circolazione della prova dichiarativa nell’ambito dell’Unione europea?. Arch pen, n. 1
Slobogin C (2007) Privacy at risk: the new government surveillance and the Fourth Amendment.
The University of Chicago Press
Soghoian C (2010) Privacy and law enforcement: caught in the cloud: privacy, encryption, and
government back doors in the Web 2.0 Era. J Telecommun High Technol Law 8:359
Soghoian C (2014) DOJ’s ‘Hotwatch’ Real-Time Surveillance of Credit Card Transactions,
4 December 2010. https://www.lewrockwell.com/2010/12/christopher-soghoian/dojs-hot-
watch-real-time-surveillance-of-credit-card-transactions/. Accessed 19 July 2018
Spencer JR (2010) The Green Paper on obtaining evidence from one Member State to another and
securing its admissibility: the reaction of one British Lawyer. ZIS 9:602
Spiegel P (2014) EU agrees laws to end banking secrecy. Financial Times, 14 October 2014
Stevens GM, Doyle C (2002) Privacy: wiretapping and electronic eavesdropping. Books, Novinka
Taipale KA (2007) The ear of dionysus: rethinking foreign intelligence surveillance. Yale J Law
Technol 9:128
Taslitz AE (2013) Symposiun on Cybercrime: Cybersurveillance without restraint? The meaning
and social value of the probable cause and reasonable suspicion standards in governmental
access to third-party electronic records. J Crim Law Criminol 103:839
Timan T, Maša G, Koops B-J (2017) Surveillance theory and its implications for law. In:
Brownsword R, Scotford E, Yeung K (eds) The Oxford handbook of law, regulation, and tech-
nology. Oxford University Press, Oxford, pp 731–753
Tricot J (2012) France. In: Ligeti K (ed) Toward a prosecutor for the European Union, Volume 1:
a comparative analysis. Hart, Oxford, p 222
References 325
Tricot J, Martìn AN (forthcoming) Monitoring of banking transactions and traffic data. In: Ligeti K
(ed) Toward a prosecutor for the European Union-draft rules of procedure, vol 2. Hart, Oxford
U.S. Senate Permanent Subcommittee on Investigations (2012) Committee on Homeland Security
and Governmental Affairs, U.S. Vulnerabilities to Money Laundering, Drugs, and Terrorist
Financing: HSBC Case History, 17 July 2012. https://www.gpo.gov/fdsys/pkg/CHRG-
Van Hoek AAH, Luchtman M (2005) Transnational cooperation in criminal matters and the safe-
guarding of human rights. Utrecht Law Rev 1(2):1–39
Vernimmen-Van Tiggelen G, Surano L (2008) Analysis of the future of mutual recognition in crim-
inal matters in the European Union, Final Report. Institute for European Studies Jean Monnet/
Université Libre de Bruxelles, European Criminal Law Academic Network, 20 November
2008. https://www.advokatsamfundet.se/globalassets/advokatsamfundet_sv/nyheter/slutrap-
port_mutual_recognition_eng.pdf. Accessed 19 July 2018
Vervaele JAE (ed) (2005) European evidence warrant. Transnational judicial inquiries in the
EU. Intersentia, Cambridge
Vervaele JAE (2007) La legislazione anti-terrorismo negli Stati Uniti: inter arma silent leges? Riv
it dir e proc pen, fasc. 2:739
Weigend T (2013) Germany. In: Ligeti K (ed) Toward a prosecutor for the European Union,
Zanetti G (2008) Il diritto penale dell’era digitale. Caratteri, concetti e metafore. Ind pen, p 510
Chapter 8
Introducing a Regulation on (Banking)
Data Surveillance in the EU: Some
Proposals
Against the composite framework and the increasing urgency to provide for clear
legal basis, and above all for adequate guarantees in case forms of real-time moni-
toring of banking records are performed, this Chapter concludes the present work,
introducing some proposals on the key features that should characterize a regulation
concerning surveillance on banking data within the EU legal framework.
To this aim, in Sect. 8.1 a special focus is put on identifying the right(s) affected
by banking data surveillance in light of the Charter of the Fundamental Rights of the
European Union and of the European Convention on Human Rights. Accordingly,
in Sect. 8.2 basic procedural rules and safeguards are highlighted, that shall apply
when such surveillance techniques are implemented (at least) in criminal proceed-
ings, including, as discussed in Sect. 8.3, considerations over which authority
should authorize the use of real-time monitoring of banking records.
8.1 I dentifying the Fundamental Right(s) Affected

by Real-Time Monitoring of Digital (Banking) Data
The first element that shall be considered in outlining the main features of a legal
framework for the surveillance on banking records is the identification of the rights
affected by this investigative measure.
Facing this task, it shall be taken into account that, as already observed, most
banking records are no more represented by paper documents, but rather by digital
data, the creation of which represents today an unavoidable factor for all human
(including financial) relationships1: Indeed, in the present digital society, it is

1

https://doi.org/10.1007/978-3-030-12161-7_8
328 8 Introducing a Regulation on (Banking) Data Surveillance in the EU: Some Proposals
b asically impossible for natural or legal persons not to daily produce an incredible
amount of (mostly digital) data, which incidentally may reveal enormous amounts
of (valuable) private information.2
A relevant part of this knowledge does not remain in the exclusive availability of
its producers: As highlighted by the new EU data protection Regulation No 2016/679
(better known as “GDPR”), “Rapid technological developments and globalization
have brought new challenges for the protection of personal data. The scale of the
collection and sharing of personal data has increased significantly […] persons
increasingly make personal information available publicly and globally”.3 This
phenomenon may occur either because data is voluntarily published or, more wor-
ryingly, because it gets unwittingly shared, due to the fact that many online services
(also in the financial field) necessarily require the production and/or disclosure of
private information to be accessed to: For average users therefore the alternative is
simply whether to use the service, thus sharing personal data, or not to use the ser-
vice at all (while, for instance, it is still possible to use the phone to communicate
while graduating the level of sensitive information that gets disclosed).
Digitalisation, naturally, highly affects also criminal justice systems since, as
reported by Directive 2016/680 on the protection of personal data in preventive and
criminal proceedings, “Technology allows personal data to be processed on an
unprecedented scale in order to pursue activities such as the prevention, investiga-
tion, detection or prosecution of criminal offences or the execution of criminal
penalties”.4 To date, however, the impact of digital technology in criminal investiga-
tion has been only unevenly taken into account in national legal frameworks.
In some legal orders, the acknowledgment that already existing legal categories
often cannot properly regulate phenomena so overwhelming as digitalization—
potentially able to affect fundamental rights to an extent previously unconceiv-
able—brought to the creation of new legal categories and rights. That was, for
instance, the approach followed by the German Constitutional Court which, in
2008, declared the inadequacy of the Constitutional guarantees protecting private
communications and home, and created a “new” Constitutional right to the secrecy
and the integrity of IT systems grounded on human dignity (Grundrecht auf
Gewährleistung der Vertraulichkeit und Integrität informationstechnischer
Systeme), to be used as a parameter in evaluating the legitimacy of electronic forms
2
Either because the information is valuable in itself, or because it might become so through data
mining operations. Only with regard to cell phone data, the market “is now estimated to be in the
billions of dollars” cf. Carpenter v US, cit., Kennedy J, dissenting, p. 5.
3
Recital (6), Regulation (EU) 2016/679 of 27.04.2016 on the protection of natural persons with
regard to the processing of personal data and on the free movement of such data, and repealing
Directive 95/46/EC.
4
Cf. Recital (3), Directive (EU) 2016/680 of 27.04.2016 on the protection of natural persons with
regard to the processing of personal data by competent authorities for the purposes of the preven-
tion, investigation, detection or prosecution of criminal offences or the execution of criminal pen-
alties, and on the free movement of such data. On the impact of new technologies in criminal
investigations, see also Orlandi (2009), p. 129; Orlandi (2014).
8.1 Identifying the Fundamental Right(s) Affected by Real-Time Monitoring… 329
of surveillance.5 A similar approach, although practically less effective—for the

reasons that will be discussed further below—was also followed by the Italian
Supreme Court, that extended the protection established for domicile also to that
virtual space personal, the access to which may be controlled (and excluded),
through the elaboration of the notion of “virtual domicile” (domicilio informatico).6
In most cases, however, digital technology represents a challenging factor that
still founds no adequate response in criminal justice systems, especially when it
comes to balance fundamental rights with general interests, such as security.
These critical issues, for instance, are increasingly fuelling a debate in the US
with regard to the trade-off between successful government investigation and pri-
vacy. This is attested by a series of Supreme Court’s landmark cases, which started
to deal with the use of digital technology in criminal investigation for tailing pur-
poses in United Sates v Knotts (1983) and United States v Jones (2012)7; and for
home searches in Kyllo v United States (2001)8; than considered the peculiarity of
digital devices in search incident to arrest in Riley v California (2014)9; and in the
collection of location records from cell-site location information in Carpenter
(2018).10 Numerous are also the cases, at local level, concerning requests addressed
to internet search engine corporations to provide the government with users’
information.11
These and other problematics created by digital technology in criminal investiga-
tions, are however destined to inevitably remain unsolved in lack of a comprehen-
sive legal, but also philosophical and ethical re-thinking of the foundational basis of
fundamental rights and principles. Such re-calibration is actually essential to iden-
tify and separate the concrete modalities that characterize the exercise of a certain
right in a specific historical period (e.g. e-mails instead of letters, VoIP instead of
phones, digital documents rather than paper) from the core and scope of these rights.
The latter indeed need to endure in order to maintain an adequate level of
safeguards.
For instance, taking into account the rather broad definition of domicile devel-
oped by the Court in Strasbourg as a “physically defined area, where private and
5
BVerfG, 27.02.2008, BVerfGE 120, 274 et seq., on the impact for the decision and its following
case-law see, e.g., Knierim (2008), p. 253764; Kudlich (2008), p. 475; Maisch (2015), p. 56 et seq.;
Bull et al. (2016), Nicolicchia (2017), and Orlandi (2018), note 7.
6
Cf., e.g., in the Italian case-law, Cass., Sez. V, sent. 8.05.2012, dep. 26.10.2012, n. 42021, in Foro
it., 2012, 12, 2, p. 709. On the notion of “virtual domicile”, see Torre (2017), p. 84 et seq.; Maioli
and Sanguedolce (2012), Pica (1999), p. 66; Signorato (2017), pp. 59–66.
7
Respectively 460 U.S. 276 (beeper tracking) and 615 F. 3d 544, affirmed (GPS tracking).
8
533 U.S. 27, 34 (2001), concerning the use of a thermal imager to detect heat radiating from the
side of the defendant’s home.
9
573 U.S. __ (2014), with specific regard to cell phones, cf. e.g., Logan (2001), and, if you please,
Lasagni (2018).
10
Cf. Sect. 7.6. In this sense, see, for all, Electronic Privacy Information Center (2017).
11
Since also other major corporations or search engines, such as Google and Yahoo, report of thou-
sands of government requests for user’s information, “including web pages visited and the search
terms used”, cf. Gray (2017), p. 107; see also Schulhofer (2012).
family life develops” characterized by the existence of a sufficient and continuous

link with the person involved by the investigations,12 any intrusion into a personal
digital system, especially if protected by a password, could in principle be consid-
ered as a violation of the negative obligation of the State not to interfere with such
spaces. The possibility to extend the concept of domicile also to include personal
(especially digital) data, however, bears certain limitations: Indeed, under the advent
of informatics, in a context where human personality is indifferently developed both
“physically” and “virtually”, most distinctions between private and public spaces,
and the same definition of “space” are mostly and increasingly failing. In addition,
tracing intangible digital data, which may be not only stored on a device, but also on
the cloud, back to the notion of a “physically defined area” may appear ontologi-
cally hard.
Where, as in many countries, such a foundational re-thinking has not occurred
yet, and fundamental rights concerning several aspects of individual liberty, strictly
connected to each other, are frequently safeguarded by separated Constitutional
rights, the investigative technique of real-time monitoring of banking record (as a
species of the broader genus of personal (digital) data surveillance) is usually
applied using legal basis grounded on “analogue” interpretations of fundamental
rights. This trend notably stretches legal notions and categories, and often produces
unsatisfactory results.13
Digital forms of surveillance, in fact, are able to simultaneously affect several
aspects of individual liberty, and may therefore cannot be adequately correlated
only to fundamental rights protecting for instance home or communications, and
even less to sets of legislation traditionally regulating their limitations.14
In this sense, difficulties in granting adequate protection persist for instance
adopting, as mentioned above, a notion of “virtual domicile” without implementing
adequate changes in secondary legislation too. The problem, in fact, is not only that
of identifying a relevant fundamental right, but also to select one from which it is
possible to derive adequate procedural safeguards without distorting the current
asset of “analogous” criminal investigations, which of course maintain a fundamen-
tal role also in the present digital society. Under this profile for example, regulations
concerning search do not generally encompass the use of real-time monitoring tools
and are rather shaped upon retrospective investigative measures (i.e. measures to
collect pre-existing data). Hence, procedural guarantees provided for in such cases
usually lack fundamental rules establishing, a maximum duration of the measure, or
the need for a specific authorization in case of extension of such term. Pre-digital
12
Cf. Giacomelli v Italy, 2.11.2006, Application no. 59909/00, § 76; Gillow v the United Kingdom,
24.11.1986, Application no. 9063/80, § 46.
13
Such as Italy, cf., if you please, with regard to smartphone search, Lasagni (2018).
14
Cf. e.g. Bernal (2016), p. 247 “‘new’ surveillance is both qualitatively and quantitatively differ-
ent from ‘traditional’ surveillance or interception of communications. Where traditional ‘commu-
nications’ was seen as a subset of traditional privacy rights […] the new form of communications
has a much broader relevance, a wider scope, and brings into play a much broader array of human
rights. The surveillance too is different—and the impact that it can have is different: more exten-
sive, more multifaceted and with a greater impact on the people subjected to it”.
regulations, moreover, do not frequently take into account that online searches may
occur remotely and unbeknown to the person concerned. These two crucial profiles
of intrusiveness should instead be specifically tackled by a regulation dealing with
surveillance of digital (banking) data that aims at being effective in safeguarding the
rights of affected individuals.
In this sense, thus, the “digitalisation” of pre-existent rights appears more critical
than the solution proposed by the German Constitutional Court, as sometimes main-
taining even a linguistic link with “traditional” forms of protection risks to generate
misleading interpretations, and encourage indulging in the false impression for
instance, that traditional search regulation may suffice also for real-time monitoring
of digital (banking) data.15
Critical issues emerge also trying to apply to this case regulations of interception
of communications, although wiretapping certainly shares some important features
with data surveillance. Contrary to production orders, which are a retrospective
measure, both interceptions and real-time monitoring are indeed prospective inves-
tigative techniques, a circumstance which implies a higher degree of curtailment for
the rights of the subject involved.16
In this perspective, from one side, wiretapping might actually be intended as a
form of surveillance or real-time monitoring, used to collect a specific kind of infor-
mation, that is “communication”.
One might wonder, on the other side, whether the notion of “communication”
should be interpreted so as to include in it also the personal (banking digital) data.
Indeed, if this question were to be answered in the affirmative, distinguishing
between wiretapping and surveillance would lose its raison d’être, and there would
be no need of establishing a different legal framework for real-time monitoring of
(banking) data: Also this investigative technique could be performed according to
the rules provided for interceptions with a mere extensive interpretation.17
This would require including in the notion of “communication” not only its more
traditional meaning (written and oral communications between at least two human
beings, including if mediated by an electronic device, such as e-mails, chats or VoIP
conversations), but also the content derived from the interaction between a person
and the device itself.18 In this sense, online banking records represent an example of
information which could hardly be classified as communication in its traditional
meaning, but that may likely be included in its extended notion.
15
As currently occurring in Italy (regardless of the criticism of academics, see for all Orlandi
(2018); Torre (2017), p. 85), cf. Cass., Sez. V, sent. 14.10.2009, dep. 29.04.2010, n. 16556, Pres.
Calabrese, Rel. Pizzuti, Imp. Virruso e a., C.E.D. 246954, pp. 20–21, commented by Aterno
(2013), p. 955 et seq. and Torre (2015), p. 1167, which applied the notion depending not on the
sensitive content of the information itself, but rather on whether the servers are physically located
in a private domicile or not.
16
17
As seemingly occurs in IT with the transposition of the EIO Directive, cf. Sect. 7.5.
18
On the impact of new technology in wiretapping regulation see e.g. Camon (1996), p. 7 et seq.
Real-time monitoring, however, has always been maintained separated from

wiretapping in the Council of Europe and the European Union’s supranational legal
sources.19
A broad interpretation of “communication” does not appear to have met the
favour of national legislators and jurisprudence either, as clearly showed in the
US,20 as well as by other EU Member States’ case-law.21
Reasons to keep wiretapping and real-time monitoring separated may be derived
also from more substantial grounds. For instance, whilst communications and the
creation of digital (also banking) data in a human being-machine interaction cer-
tainly present some similarities, data collection may present critical profiles (deriv-
ing for instance from the application of data mining techniques) that are not pertinent
to cases in which only stricto sensu communications are apprehended.
Indeed, as already highlighted by numerous sources, including the Court of
Justice starting from in its landmark decision Digital Rights Ireland (2014) data
“taken as a whole, may allow very precise conclusions to be drawn concerning the
private lives of the persons whose data has been retained, such as the habits of
everyday life, permanent or temporary places of residence, daily or other move-
ments, the activities carried out, the social relationships of those persons and the
social environments frequented by them”.22 As concluded by the same Court in
Tele2-Watson (2016), “data provides the means […] of establishing a profile of the
individuals concerned, information that is no less sensitive, having regard to the
right to privacy, than the actual content of communications”.23
Against this background, it is to be welcomed the approach, first inaugurated by
the Court in Strasbourg, which examines data surveillance in light of the broader
right to a private and family life established by Article 8 ECHR.
Indeed, the vague (and for that reason both praised and criticized24) wording of
this provision (defined by the same ECtHR “not susceptible to exhaustive
definition”25) allowed the Court to include in it several aspects related to the right to
privacy, interpreted as “the “inner” circle in which the individual may live his own
personal life as he chooses and to exclude therefrom entirely the outside world not
encompassed within that circle”, comprising also “to a certain degree the right to
establish and develop relationships with other human beings” (e.g. communication
protection).26
19
Such as the 2005 COE Convention, and the EIO Directive, cf. Sect. 7.3.
20
Cf. Sect. 7.6.
21
Such as in Italy, see Cass., Sez. un., 28.05.2003, dep. 24.09.2003, n. 36747, Pres. Marvulli, Rel.
Milo, Imp. Torcasio, in Cass. pen., 2004, p. 2094 commented by Filippi (2003); see also Fumu
(2003), p. 762.
22
Digital Rights Ireland, Case C-293/12, § 27.
23
Joined cases Tele2 Sverige AB (C-203/15) v Post- och telestyrelsen and Secretary of State for the
Home Department v Tom Watson and Others (C-698/15), § 99.
24
Cf. e.g., Harris et al. (2014), p. 522 et seq.
25
Benedik v Slovenia, 24.04.2018, Application no. 62357/14, §§ 100 and 102.
26
Cf. Niemietz v Germany, 16.12.1992, Application no. 13710/88, § 29; Uzun v Germany, 2.09.10,
From such a broad notion, the ECtHR derived both a negative obligation for the
States not to interfere with the privacy of individuals (right to “be left alone”),27 and
a positive obligation for the same States to adopt adequate legal framework and
measures to ensure that compliance with this right is effectively achieved also
among private parties.28 In this sense, the ECtHR has famously and repeatedly
underlined the “essential role played by personal data protection in safeguarding the
right to respect for private life as guaranteed by Article 8”,29 and how “the storing of
data relating to the “private life” of an individual constitutes interference for the
purposes of Article 8”.30 This notion of privacy permits to confer a more uniform
level of safeguards than the approaches previously described. Regardless of their
“communicative” or “not communicative” (in their traditional meaning) content, in
fact, any operation of real-time monitoring of personal data, certainly constitutes
“in itself an interference” with the right to a private life.31
Collecting personal information, in fact, certainly affects the right to personal
autonomy in establishing individual identity32. This conclusion, in the jurisprudence
of the Court in Strasbourg, holds true for both natural and legal persons,33 although
with some limitations in the latter case, as legal persons cannot invoke the
Conventional protection “from nuisances or problems which can be encountered
only by natural persons”.34 According to the Court, personal data shall be consid-
ered related to private-life aspects taking into account “the specific context in which
27
Cf., e.g., Malone v the UK, 2.08.1984, Application no. 8691/79; Kroon and Others v. the
Netherlands, 27.10.1994, Application no. 18535/91, § 31.
28
Cf., e.g., Evans v. the United Kingdom, 10.04.2007, Application no. 6339/05, § 75, although the
principle was first set out in Marckx v. Belgium, 13.06.1979, Application no. 6833/74; cf. also
Pollicino (2017), p. 136; Martinico (2017), p. 118.
29
Cf., e.g., G.S.B. v. Switzerland, 22.12.2015, Application no. 28601/11, § 90; S. and Marper v. The
United Kingdom, 4.12.2008, Applications nos. 30562/04, 30566/04, §§ 66–67.
30
M.N. and Others v. San Marino, 7.07.2015, Application no. 28005/12, § 53.
31
Digital Rights Ireland, Case C-293/12, § 34; cf. also Balsamo (2015), pp. 168–175.
32
Cf. X v The Federal Republic of Germany, Decision of 7.05.1981, Application no 8334/78.
33
Cf., e.g., Bernh Larsen Holding As and Others v. Norway, 14.03.2013, Application no. 24117/08,
where, against the Government’s opinion that “only natural persons could be considered to have a
“private life”” (§ 98), the Court reiterated that the protection of Article 8 ECHR, in the specific case
with regard to home or domicile protection, “includes not only the registered office of a company
owned and run by a private individual […] but also that of a legal person and its branches and other
business premises” (§ 104); Saint-Paul Luxembourg S.A. v. Luxembourg, 18.04.2013, Application
no. 26419/10, § 37. See also Martinico (2017), p. 118. See also Ste Colas Est, 16.04.2002,
Application no. 37971/97, § 41; Buck v Germany, 28.07.2005, Application no. 41604/98.
34
Asselbourg and 78 Others and Greenpeace Assocation-Luxembourgv v. Luxembourg, 29.06.1999,
Application no. 29121/95, p. 6; Sdružení Jihočeské Matky v. the Czech Republic (dec.), Application
no. 19101/03, 10.07.2006, at 2.1. On the application of fair trail rights to legal persons in the
ECtHR case-law, see above Sect. 6.2, and Sect. 6.3.5. with specific regard to the privilege against
self-incrimination.
the information at issue has been recorded and retained, the nature of the records,
the way in which these records are used and processed and the results that may be
obtained”.35
This interpretation was explicitly applied by the ECtHR to banking records
retained by public authorities. In M.N. and others v. San Marino (2015), for instance,
the Court considered “that information retrieved from banking documents undoubt-
edly amounts to personal data concerning an individual, irrespective of it being
sensitive information or not. Moreover, such information may also concern profes-
sional dealings and there is no reason of principle to justify excluding activities of a
professional or business nature from the notion of “private life””.36
In Sommer v. Germany (2017), again in the context of investigative measures
applied to banking data, the Court further specified that “storage or collection of
data relating to the “private life” of an individual constitutes interference for the
purposes of Article 8, irrespective of who is the owner of the medium on which the
information is held”.37 Similar considerations were consistently confirmed by the
ECtHR in its following jurisprudence, and extended also to other categories of
“similar” personal data, such as “tax data” (G.S.B. v. Switzerland, 2015)38 and that
generally concerning “a financial situation” (Brito Ferrinho Bexiga Villa-Nova, also
2015).39
In the EU, thanks to the equivalence clause of Article 52(3) CFREU, the content
of Article 8 ECHR shall be recognised to Articles 7 and 8 of the Charter, which
protect both the right to private and family life, and personal data40 (the latter finding
35
Cf., e.g., S. and Marper v. the United Kingdom, § 67.
36
M.N. and Others v. San Marino, § 51.
37
Sommer v. Germany, 27.04.2017, Application no. 73607/13, § 59, and case-law there
mentioned.
38
G.S.B. v. Switzerland, § 89 and case-law there mentioned.
39
Cf., e.g., Brito Ferrinho Bexiga Villa-Nova v. Portugal, 1.12.2015, Application no. 69436/10, §§
42–44: “42. Les parties conviennent que les données bancaires de la requérante constituent des
informations personnelles relevant de sa vie privée, entrant bien dans le champ d’application de
l’article 8 de la Convention. Elles s’accordent également à reconnaître qu’il y a eu ingérence dans
l’exercice par la requérante de son droit au respect de sa vie privée. La Cour note aussi que les
juridictions internes n’ont pas contesté que les informations bancaires étaient couvertes par le
secret professionnel étant donné notamment que la requérante avait reçu des versements effectués
par des clients sur son compte bancaire personnel (voir ci-dessus paragraphes 9, 10 et 12). 43. La
Cour ne voit pas de raison de conclure autrement. Elle rappelle que la notion de “vie privée” peut
inclure les activités professionnelles ou commerciales (Niemietz c. Allemagne, 16.12.1992, § 29,
série A no 251-B). En outre, elle “accorde un poids singulier au risque d’atteinte au secret profes-
sionnel des avocats car il est la base de la relation de confiance entre l’avocat et son client (André
et autre c. France, no 18603/03, § 41, 24.07.2008 et Xavier da Silveira c. France, no 43757/05, §
36, 21.01.2010) et il peut avoir des répercussions sur la bonne administration de la justice” (Wieser
et Bicos Beteiligungen GmbH c. Autriche, no 74336/01, §§ 65–66, CEDH 2007-IV; Niemietz,
précité, § 37, et André et autre, précité § 41). 44. La Cour en conclut que la consultation des extraits
de comptes bancaires de la requérante a bien constitué une ingérence dans son droit au respect du
secret professionnel, lequel rentre dans la vie privée (M.N. et autres c. Saint-Marin, no 28005/12,
§ 51, 7.07.2015)”.
40
See Explanatory report to the Protocol to the 2000 Convention on mutual assistance in criminal
matters between the Member States of the European Union (Text approved by the Council on 14
legal basis also in Article 16 TFEU,41 and declined in several pieces of secondary
EU legislation42). Protection of privacy and personal data indeed represents a funda-
mental part of the vast (although perhaps not as vast as it could or should be43) case-
law of the Court of Justice. The Court often applies Articles 7 and 8 in
combination44–although it seldomly underlined the innovative character of Article 8
CFREU which “is distinct from that enshrined in Article 7 of the Charter and which
has no equivalent in the ECHR”.45
First of all, similarly to what affirmed by the ECtHR in Sommer, also according
to the CJEU when it comes “to establish the existence of an interference with the
fundamental right to privacy, it does not matter whether the information on the pri-
vate lives concerned is sensitive or whether the persons concerned have been incon-
venienced in any way”.46
In the CJEU case-law, privacy and data protection are recognized to natural per-
sons and, at least in principle, to legal entities as well,47 although in this second case
the level of protection might be different, given that “legal persons are already
October 2002), pp. 10–11, and Pollicino (2017), pp. 135–136. See also Google Spain SL and
Google Inc. v Agencia Española de Protección de Datos (AEPD) and Mario Costeja González,
Case C-131/12, 13.05. 2014, ECLI:EU:C:2014:317, § 68. The link was also confirmed in
Maximillian Schrems v Data Protection Commissioner, Case C-362/14, 6.10.2015,
ECLI:EU:C:2015:650, § 39, according to which “It is apparent from Article 1 of Directive 95/46
and recitals 2 and 10 in its preamble that that directive seeks to ensure not only effective and com-
plete protection of the fundamental rights and freedoms of natural persons, in particular the funda-
mental right to respect for private life with regard to the processing of personal data, but also a high
level of protection of those fundamental rights and freedoms. The importance of both the funda-
mental right to respect for private life, guaranteed by Article 7 of the Charter, and the fundamental
right to the protection of personal data, guaranteed by Article 8 thereof, is, moreover, emphasised
in the case-law of the Court”.
41
Cf. Digital Rights Ireland Ltd, Case C-293/12, § 53.
42
Such as Regulation 2016/679 and Directive 2016/680, cit.
43
Cf. in this sense, e.g., Martinico (2017), p. 120, in general terms with regard to the Charter as a
whole in the ECJ case-law, see Sarmiento (2013), p. 1267; Fontanelli (2011), p. 22 et seq.; Sanchez
(2012), p. 1565.
44
Cf. Explanatory report to the Protocol to the 2000 Convention, p. 11.
45
Cf. Joined cases Tele2 Sverige AB (C-203/15) and Watson (C-698/15), § 129; see also Sayers
(2014), p. 229 et seq. and case-law there mentioned.
46
Digital Rights Ireland Ltd, Case C-293/12, § 33; see also see, Judgement in Österreichischer
Rundfunk and Others, 20.05.2003, C-465/00, C-138/01 and C-139/01, EU:C:2003:294, § 75.
47
Cf., e.g., Hoechst AG v Commission of the European Communities, Joined cases 46/87 and
227/88, 21.09.1989, ECLI:EU:C:1989:337, § 19, according to which “None the less, in all the
legal systems of the Member States, any intervention by the public authorities in the sphere of
private activities of any person, whether natural or legal, must have a legal basis and be justified on
the grounds laid down by law, and, consequently, those systems provide, albeit in different forms,
protection against arbitrary or disproportionate intervention”. Cf. Lamandini et al. (2015), p. 73:
«The CJEU, on the other hand, established in its early decisions that some privacy rights, such as
the inviolability of domicile, were typically rights of natural persons, but did not protect legal
persons; legal persons only had a protection against “arbitrary or disproportionate intervention”. In
Hoechst, however, the CJEU tried to establish a balance between the finality of an effective inves-
tigation, and the existence of safeguards (arising from all domestic legal systems) which introduce
an element of certainty and proportionality similar to the privacy protection».
s ubject to a more onerous obligation in respect of the publication of data”.48 More

recently, a sharper difference between the levels of protection granted to legal and
natural persons has been affirmed by the European legislators, by Article 1 of
Directive 2016/680, the scope of which (in line with Article 1 GDPR) is explicitly
limited to natural persons.
This choice, which presents the same concerns already highlighted in the analy-
sis concerning fair trial rights in banking supervision,49 appears even less justifiable
in this context, where no specific physically-tailored legal profiles, such as sanctions
involving physical imprisonment, is even at stake.
Within this boundaries, Directive 2016/680 contains a broad definition of “per-
sonal data”, which is intended as “any information relating to an identified or iden-
tifiable natural person […] in particular by reference to an identifier such as a name,
an identification number, location data, an online identifier or to one or more factors
specific to the physical, physiological, genetic, mental, economic, cultural or social
identity of that natural person”.50
Recital (51) of the Directive, in particular, clearly points out how risks “of vary-
ing likelihood and severity” may result to the rights established by Article 7 and 8
CFREU from the processing of personal data especially where that gives rise “to
discrimination, identity theft or fraud, financial loss, damage to the reputation, loss
of confidentiality of data protected by professional secrecy, unauthorised reversal of
pseudonymisation or any other significant economic or social disadvantage […]
where personal aspects are evaluated, in particular analysing and predicting aspects
concerning performance at work, economic situation, health, personal preferences
or interests, reliability or behaviour, location or movements, in order to create or use
personal profiles […] or where processing involves a large amount of personal data
and affects a large number of data subjects”.51 This wording closely resembles the
definition of personal data formulated by the Court of Justice in Digital Rights
Ireland, where the general sensitiveness was explicitly highlighted, considering
how the latter (in the specific case, concerning communications), “taken as a whole,
may allow very precise conclusions to be drawn concerning the private lives of the
persons whose data has been retained, such as the habits of everyday life, permanent
or temporary places of residence, daily or other movements, the activities carried
out, the social relationships of those persons and the social environments frequented
by them”.52
48
Volker und Markus Schecke GbR (C-92/09) and Hartmut Eifert (C-93/09) v Land Hessen, Joined
cases C-92/09 and C-93/09, 9.11.2010, ECLI:EU:C:2010:662, §§ 52–53 and 87. Article 7 and 8
CFREU also provide for protection to other interests related to the notion of privacy, such as the
protection of family, the analysis of which falls however out of the scope of this work.
49
50
Cf. Article 3(1), Directive (EU) 2016/680.
51
Recital (51), Directive 2016/680.
52
Cf. Digital Rights Ireland Ltd, Case C-293/12, §§ 26 and 27, and particularly § 26 according to
which “Those data make it possible, in particular, to know the identity of the person with whom a
subscriber or registered user has communicated and by what means, and to identify the time of the
communication as well as the place from which that communication took place. They also make it
possible to know the frequency of the communications of the subscriber or registered user with
certain persons during a given period”.
Building on this definition, also under EU law, banking records clearly fall under
the label of personal data for which (contrary to the USSC case-law53) privacy
expectations arise. They can indeed certainly be used to identify several aspects of
a person beyond the mere economic background, revealing personal information
concerning health care, political opinions or preferences, activities and agenda,
sexual orientation and life, family personal identification or linking.54
These arguments hold true not only with “analogue” personal (banking) infor-
mation, but also with personal digital data, although to date no specific definition of
the latter is provided for in EU law or in the jurisprudence of the ECtHR. Digital
technology has, however, repeatedly been taken into account at the supranational
level.
The Court in Strasbourg, in particular, explicitly affirmed, with regard to the use
of modern scientific techniques in criminal-justice systems, that “the protection
afforded by Article 8 of the Convention would be unacceptably weakened if such
techniques were allowed at any cost and without carefully balancing the potential
benefits of the extensive use of such techniques against important private-life
interests”.55 In particular, with regard to the “digital” dimension of the right to pri-
vacy, the ECtHR explicitly pointed out how Article 8 “provides for the right to a
form of informational self-determination, allowing individuals to rely on their right
to privacy as regards data which, albeit neutral, are collected, processed and dis-
seminated collectively and in such a form or manner that their Article 8 rights may
be engaged” (italics added).56 In this sense, for instance, the ECtHR recognized the
application of Article 8 ECHR in cases of surveillance techniques used to obtain
internet usage data,57 highlighting how “given the technological advances since the
Klass and Others case, the potential interferences with email, mobile phone and
Internet services as well as those of mass surveillance attract the Convention protec-
tion of private life even more acutely”.58
53
Cf. United States v. Miller, see above Sect. 7.6. Critical in this sense Justice Kennedy dissenting
in Carpenter v US, highlighting how “Financial records are of vast scope. Banks and credit card
companies keep a comprehensive account of almost every transaction an individual makes on a
daily basis. “With just the click of a button, the Government can access each [company’s] deep
repository of historical [financial] information at practically no expense.” […] Today, just as when
Miller was decided, “it is impossible to participate in the economic life of co contemporary society
without maintaining a bank account.”” (pp. 17–18).
54
Similarly to what concluded under the ECtHR case-law, cf. e.g. S. and Marper v. The United
Kingdom, §§ 66–67, referred to the case of retention of fingerprints and cellular samples and DNA
profiles after the end of a criminal proceeding.
55
S. and Marper v. the United Kingdom, § 112 (concerning DNA database). In general, with regard
to the impact of new technology on the case-law of the Court see, e.g., Brownsword and Goodwin
(2012), Murphy and Ó Cuinn (2010), pp. 601–638.
56
Satakunnan Markkinapörssi Oy And Satamedia Oy v Finland, 27.06.2017, Application no.
931/13, § 137; Benedik v Slovenia, § 103.
57
Cf. Copland v The United Kingdom, 3.04.2007, Application no. 62617/00 (telephone calls,
e-mail correspondence and Internet usage); see also Khan v The United Kingdom, 12.05.2000,
Application no. 35394/97 (listening device).
58
Szabó and Vissy v Hungary, 12.01.2016, Application no. 37138/14, § 53; Bernal (2016), p. 251.
The Court of Justice, on the other side, repeatedly underlined the sensitiveness of
data which is produced, and therefore potentially collected, in highly technological
environments, for instance in the sector of electronic communication, or with regard
to IP addresses—but the same argument shall be valid for other fields too, such as
that of online financial transactions (e.g. online banking). Indeed, all this informa-
tion, even more than analogue one, may enable to trace and identify the source of an
operation, its addressee, date, and location; the IP address for Internet services, and
therefore the identity of the persons involved, the frequency of certain operations
during a given period, the amounts transferred and so on.59
Confirmation of this approach may be found also in Directive 2016/680, which
at Article 2(2) does not make any distinction between the level of protection that
should be conferred to data processed by automated (i.e. digital) or non-automated
(i.e. analogue) means.
Against this background, in the European legal framework it appears preferable
to trace back, the investigative technique of real-time monitoring of personal data,
including of banking records (analogous and digital), back to the scope of the
(broad) right to privacy, which includes, but is not limited to domicile and commu-
nication protection.
This said, it remains to be assessed whether the relevant provisions of the Charter
and of the Convention, as interpreted by the respective courts, are up to the task of
establishing an effective level of protection when it comes to define applicable pro-
cedural rules and to sanction potential violations.
Indeed, Article 8 ECHR and Articles 7 and 8 CFREU certainly serve well as
statements of principle about the crucial role of privacy protection, and represent a
source of inspiration for those national legal orders that do not provide for a “tech-
nologically updated” right to privacy (or for an explicit right to privacy at all, as in
the Italian case).
Besides for the (indispensable) recognition of the principle, however, under a
procedural point of view it is fundamental to understand whether these provisions,
can already grant an adequate level of protection to surveillance measures concern-
ing personal (digital) data, or whether further jurisprudential or legislative develop-
ment is needed to achieve that result.
Given the crucial role of personal digital data in contemporary society, and the
common imputability to the scope of Articles 8 ECHR and 7 and 8 CFREU of both
communication and data protection (so that, as anticipated, real-time monitoring
and wiretapping might be grouped under a common category of “electronic” or
Digital Rights Ireland Ltd, Case C-293/12, §§ 49–51; Joined cases Tele2 Sverige AB (C-203/15)
59
and Watson (C-698/15), § 96. In this sense, for instance, “the use of modern investigation tech-
niques” has been considered of fundamental in the fight against serious crime, and the data so
collected deemed “valuable tool for criminal investigations” a conclusion which applies well not
only to data related to electronic means of communication (as in the case dealt with by the Court),
but also to banking data. Specifically on IP addresses, cf. Scarlet Extended SA contro Société belge
des auteurs, compositeurs et éditeurs SCRL, Case C-70/10, 24.11.2011, ECLI:EU:C: 2011:771, §
51; Patrick Breyer v Bundesrepublik Deutschland, Case C-582/14, 19.10.2016,
ECLI:EU:C:2016:779, §§ 15–16.
8.2 Defining Procedural Rules for the Surveillance of Personal (Banking) Data 339
“digital surveillance”), it appears increasingly disproportionate to maintain proce-

dural legal systems which provides for a certain (usually high) level of safeguard
with regard to interception, and for a much lower standard of protection in case the
target of surveillance investigative measure is personal (digital, and banking) data.
Indeed, as precisely described, surveillance on metadata “is not less intrusive than
content: it might best be described as ‘differently intrusive’”.60
Recognizing at least a similar degree of safeguard in both these cases appears
increasingly necessary also taking into account that, some surveillance digital tech-
niques, such as malware, are currently able to intercept at the same time both digital
data and communications (as clearly showed for instance by the use of Trojan horses
in criminal investigations61). Hence, rules to perform personal digital (banking) data
surveillance should certainly ensure, the same level of protection of wiretapping
although procedural rules should then be declined and tailored upon the material
target (data, instead of communications).62
Understanding the procedural impact of Article 8 ECHR and especially, given
the primacy of EU law, of Articles 7 and 8 of the Charter63—is therefore fundamen-
tal to assess whether, relying exclusively upon the standards there established (as
interpreted by the European courts), would already confer an adequate level of guar-
antees to the right to privacy in case of real-time monitoring of personal (banking)
data or if further legislation or change in the jurisprudence would be necessary to
achieve so, and if so, how.
8.2 D
efining Procedural Rules for the Surveillance
of Personal (Banking) Data
States maintain a certain margin of appreciation in determining the specific proce-

dural framework applicable to measures interfering with the right to privacy and
data protection enshrined in Article 8 ECHR and Articles 7 and 8 CFREU.64
60
Cf. Bernal (2016), p. 248 “metadata can be more helpful for surveillance than content. Metadata
by its nature is more easily analysed and aggregated. The formats are standardised, much of it is
numeric and can be subjected to quantitative analysis—particularly significant in the ‘big data’.
Moreover, content can be written in indirect forms, working by innuendo or in language not easily
or automatically understandable. On the kinds of scales envisaged by mass surveillance, the idea
of actually ‘reading’ or ‘listening’ to content is not practical until the very latest stages of analysis.
Content is much more easily and regularly encrypted than metadata. Finally, metadata can include
new types of data such as geolocation data, data about devices used and so forth”.
61
Cf., e.g., Strafprozeßordnung (stop), § 100b Online-Durchsuchung, German crim. proc. code.
62
Cf. Tricot and Martìn (forthcoming), p. 7 of the draft.
63
Whose provisions, as anticipated with regard to the ne bis in idem protection, have already been
recognized liable of direct application in the Member States, with disapplication of contrary
national provisions, cf. Sect. 2.3.3.
64
Cf., e.g., Buckley v. the United Kingdom, 29.09.1996, Application no. 2034/92, § 76. The margin
of appreciation doctrine “refers to the room for manoeuvre the Strasbourg institutions are prepared
Nonetheless, settled case-law of the ECtHR clearly requires domestic legislation on

this matter to meet certain “quality” standards in order to comply with the principles
there established.65
These requirements should find application also in EU law, thanks to the equiva-
lence clause of Article 52(3) CFREU. As will be discussed hereinafter, however, in
certain cases it is necessary to verify whether this operation may be impeded by the
fact that, at literal level, the safeguards enshrined in the Convention and in the
Charter, although comparable, are not exactly coinciding.
Starting with the elements present without challenge in both provisions, limita-
tions to the right to privacy may be accepted only “on the basis of the consent of the
person concerned or some other legitimate basis laid down by law” (Article 8
CFREU66) or “in accordance with the law” (Article 8 ECHR) the impugned measure
shall therefore both “be compatible with the rule of law” and have “some basis in
domestic law”67 (which, in the broad interpretation of the Court in Strasbourg com-
prises both statutory and case-law68). According to the ECtHR, in particular, States
are requested to provide a specific regulation, publicly foreseeable, which autho-
rizes measures interfering with the right to privacy.69
Following the test developed by the ECtHR in the case Sunday Times v. the
United Kingdom, this condition is satisfied whether the law is adequately accessible
and is formulated with precision sufficient to enable citizens to regulate their con-
ducts, especially as far as the scope and the manner of the exercise of the discretion
conferred to the authorities are concerned.70
to accord national authorities in fulfilling their obligations under the European Convention on
Human Rights. However, the term is not found in the text of the Convention itself, nor in the
travaux préparatoires, 1 but first appeared in 1958 in the Commission’s report in the case brought
by Greece against the United Kingdom over alleged human rights violations in Cyprus.2 Since
then it has been adopted in numerous other Commission decisions and in over 700 judgments of
the Court”, cf., e.g., Greer (2000), p. 5; Kostoris (2017), p. 51.
65
Zakharov v. Russia, 4.12. 2015, Application no. 51380/07, § 228; Buckley v. the United Kingdom,
§ 76; McMichael v. the United Kingdom, 24.02.1995, Application no. 16424/90, § 87.
66
See, e.g., Google Spain, Case C-131/12, § 34; see also Martinico (2017), p. 125 et seq.
67
Zakharov v. Russia, § 228.
68
Cf. Del Río Prada v. Spain, 21.10.2013, Application no. 42750/09, § 91, according to which
“When speaking of “law” Article 7 alludes to the very same concept as that to which the Convention
refers elsewhere when using that term, a concept which comprises statutory law as well as case-law
and implies qualitative requirements, notably those of accessibility and foreseeability”. See also
S.W. v. The United Kingdom, 22.11.1995, Application no. 20166/92, § 35; Contrada c. Italia (N.
3), 14.04.2015, Application no. 66655/13, § 60 et seq., largely commented by Italian legal schol-
ars, see e.g., Mazzacuva (2015), and Donini (2016).
69
Cf. Silver and Others v The United Kingdom, 25.03.1983, Application nos. 5947/72; 6205/73;
7052/75; 7061/75; 7107/75; 7113/75; 736/75, §§ 85–86.
70
The Sunday Times v The United Kingdom, 26.04.1979, Application no. 6538/74, §§ 48–53;
Rotaru v. Romania, 4.05.2000, Application no. 28341/95, § 52. See also Kruslin v France,
24.04.1990, Application no. 11801/85; Huvig v France, 24.04.1990, Application no. 11105/84.
Similar interpretation is given also with regard to Article 8 CFREU, where the
CJEU first affirmed in Digital Rights Ireland and later confirmed, for instance in
Schrems (2015), that “legislation involving interference with the fundamental rights
guaranteed by Articles 7 and 8 of the Charter must, according to the Court’s settled
case-law, lay down clear and precise rules governing the scope and application of a
measure and imposing minimum safeguards, so that the persons whose personal
data is concerned have sufficient guarantees enabling their data to be effectively
protected against the risk of abuse and against any unlawful access and use of that
data. The need for such safeguards is all the greater where personal data is subjected
to automatic processing and where there is a significant risk of unlawful access to
that data”.71
In light of Article 8 ECHR, moreover, limitations to the right of private and fam-
ily life are allowed only if they are “necessary in a democratic society in the inter-
ests of national security, public safety or the economic well-being of the country, for
the prevention of disorder or crime, for the protection of health or morals, or for the
protection of the rights and freedoms of others”.
In the ECtHR case-law, a rather wide margin of appreciation is recognized to
States when it comes to this requirement, in particular concerning the choice of the
means to achieve at domestic level the legitimate aim of protecting national securi-
ty.72 Nonetheless, to avoid abuses, national legislation remains subject to the super-
vision of the Court also under this profile, especially when secret surveillance
measures (such as wiretapping, or, precisely real-time monitoring of personal
(banking) data) are into place, as these tools poses a relevant “danger […] of under-
mining or even destroying democracy on the ground of defending it”, so that States
cannot, even in the name of the fight against serious crimes such as “espionage or
terrorism, adopt whatever measures they deem appropriate”.73
Secret surveillance techniques were repeatedly dealt with by the Court (although
not yet with specific regard to banking data), starting from the landmark case Klass
and others v Germany (1978), where the ECtHR stressed out the fundamental
importance, whatever is the adopted system of surveillance, of having “adequate
and effective guarantees against abuse. This assessment has only a relative charac-
ter: it depends on all the circumstances of the case, such as the nature, scope and
duration of the possible measures, the grounds required for ordering such measures,
the authorities competent to permit, carry out and supervise such measures, and the
kind of remedy provided by the national law”.74
This approach was further confirmed by the Court in the following case-law,
especially in Kennedy v The UK (2010), and more recently in Zakharov v Russia
(2015).75 In the latter, concerning a case of (potential) interception of communica-
71
Schrems, Case C-362/14, § 91; Digital Rights Ireland Ltd, Case C-293/12, §§ 54–55.
72
In this sense, see Zakharov v. Russia, § 232; Klass and Others v Germany, 6.09.1978, Application
no 5029/71, § 49 and case-law there mentioned. See also Bernal (2016), p. 259.
73
Klass and Others, § 49.
74
75
That although, brought a change in the admissibility test, harshly criticized in Judge Dedov’s
dissenting opinion, part 3, arguing that in this way the Court would lose its case-by-case approach.
tions, the ECtHR, acknowledging how the implementation of such measures “is not
open to scrutiny by the individuals concerned or the public at large”, concluded that
“it would be contrary to the rule of law for the discretion granted to the executive or
to a judge to be expressed in terms of an unfettered power. Consequently, the law
must indicate the scope of any such discretion conferred on the competent authori-
ties and the manner of its exercise with sufficient clarity to give the individual ade-
quate protection against arbitrary interference”.76
Legislation is then considered by the Court of sufficient “clarity” and “quality”
when a series of minimum safeguards are there established, including “the nature of
offences which may give rise to an interception order; a definition of the categories
of people liable to have their telephones tapped; a limit on the duration of telephone
tapping; the procedure to be followed for examining, using and storing the data
obtained; the precautions to be taken when communicating the data to other parties;
and the circumstances in which recordings may or must be erased or destroyed”.77
Clearly expressed in the Convention, the clause on the “necessity in a democratic
society” is not reproduced in Articles 7 or 8 CFREU, and the issue of whether the
scope of these provisions, as interpreted by the Court of Justice, is wider than that
of Article 8 ECHR has not been fully addressed by the CJEU yet. Declaring the
question inadmissible on this point in the already mentioned joined cases Tele2-
Watson (2016),78 the Court recalled how “whilst, as Article 6(3) TEU confirms,
fundamental rights recognised by the ECHR constitute general principles of EU
law, the ECHR does not constitute, as long as the European Union has not acceded
to it, a legal instrument which has been formally incorporated into EU law”, and that
in any case Article 52(3) CFREU does not preclude Union law from providing pro-
tection that is more extensive then the ECHR.79
The difference in the wordings of Articles 7 and 8 CFREU and 8 ECHR concern-
ing this clause has been emphasized by some legal scholars, according to which, in
the EU that could bring to a different, and potentially broader interpretation of the
limitations affecting the right to privacy.80 In this sense, however, it shall be reminded
that the Explanation to the Charter clearly states that “limitations which may legiti-
mately be imposed on this right are the same as those allowed by Article 8 of the
ECHR”.81 Moreover, according to Article 52(1) CFREU, restrictions to the rights of
the Charter are acceptable only if provided for by law, and insomuch as they are
strictly necessary and proportionate to the “general interest recognised by the Union
or the need to protect the rights and freedoms of others”.82
76
Kennedy v The UK, 18.05.2010, Application no. 26839/05; Zakharov v. Russia, § 230.
77
Zakharov v. Russia, § 231 and case-law mentioned there.
78
Joined cases Tele2 Sverige AB (C-203/15) and Watson (C-698/15), §§ 127-133.
79
For the recent restatement of the need to recognize an autonomous meaning to the Charter in the
field of ne bis in idem, see above Sect. 2.3.3.
80
Cf. Martinico (2017), p. 116 et seq.
81
Cf. Explanation relating to the Charter, 2007, OJ C303/17, sub Article 7, p. 10.
82
Digital Rights Ireland Ltd, Case C-293/12, §§ 38 and 52.
The “democratic proportionality test” seems therefore to play a fundamental role

also in the EU legal framework, and consequently in the jurisprudence of the Court
of Justice.83
In the most relevant cases on data protection, namely the aforementioned Digital
Rights Ireland, and Tele2-Watson, the CJEU indeed famously hold that “subject to
the principle of proportionality, limitations may be made to those rights and free-
doms only if they are necessary and genuinely meet objectives of general interest
recognised by the Union or the need to protect the rights and freedoms of others”.84
Even when the purpose of data retention is especially serious and therefore repre-
sent an “objective of general interests”, such as in case of “prevention, investigation,
detection and prosecution of serious crime, such as organised crime and terrorism”,85
it is therefore necessary for the interfering measures to respect “principles of data
protection and data security”86 to preserve the essence of the rights protected by
Articles 7 and 8 CFREU, and comply with the principle of proportionality, which
must be consistent with a democratic background.87 As clearly summarized by the
Court in Tele2-Watson, in fact, “an objective of general interest, however fundamen-
tal it may be, cannot in itself justify that national legislation providing for the gen-
eral and indiscriminate retention of all traffic and location data should be considered
to be necessary for the purposes of that fight”.88
The proportionality test developed by the CJEU thus requires an assessment as
to whether the adopted acts are “appropriate for attaining the legitimate objectives
pursued by the legislation at issue and do not exceed the limits of what is appropri-
ate and necessary in order to achieve those objectives”.89
This evaluation applies “all the greater” where “personal data are subjected to
automatic processing and where there is a significant risk of unlawful access to
those data”.90 This is the case of means or technology “very widespread and of
growing importance in people’s everyday lives”, which may generate “an interfer-
ence with the fundamental rights of practically the entire European population”91: a
definition which seems to fit well not only with electronic means of communication,
but also to online banking services and financial transactions. In these “new” tech-
83
In this line in the conclusion, Martinico (2017), p. 116.
84
Digital Rights Ireland Ltd, Case C-293/12, § 38; Joined cases Tele2 Sverige AB (C-203/15) and
Watson (C-698/15), § 94. See also above Sect. 2.3.3.
85
Digital Rights Ireland Ltd, Case C-293/12, § 24, cf. also §§ 41–44 and Iovene (2014); see also
Joined cases Tele2 Sverige AB (C-203/15) and Watson (C-698/15), § 102.
86
Digital Rights Ireland Ltd, Case C-293/12, § 40.
87
Cf., e.g., Joined cases Tele2 Sverige AB (C-203/15) and Watson (C-698/15), §§ 96 and 107; see
also Productores de Música de España (Promusicae) v Telefónica de España SAU, Case C-275/06,
29.01.2008, ECLI:EU:C:2008:54, §§ 68–70.
88
Watson (C-698/15), § 103.
89
Digital Rights Ireland Ltd, Case C-293/12, § 46 and case-law there mentioned.
90
Idem, §§ 54–55.
91
Idem, § 56.
nological contexts, as recalled also in Schrems, it becomes pivotal to “ensure a fair

balance between, on the one hand, observance of the fundamental right to privacy
and, on the other hand, the interests requiring free movement of personal data”.92
As limitations to the right to privacy may be accepted, also under EU law, only
“in so far as is strictly necessary”,93 “quality” requirements for the legal basis are
established also in the jurisprudence of the CJEU. According to it, the law “must lay
down clear and precise rules governing the scope and application of the measure in
question and imposing minimum safeguards” so as to ensure “sufficient guarantees
to effectively protect […] personal data against the risk of abuse and against any
unlawful access and use of that data”.94
In particular, the CJEU explicitly labelled as not strictly necessary, nor clear or
precise, and therefore disproportionate, limitations of the right to privacy that cover
“in a generalised manner, all persons and all means […] as well as all […] data
without any differentiation, limitation or exception being made in the light of the
objective of fighting against serious crime”,95 including persons “for whom there is
no evidence capable of suggesting that their conduct might have a link, even an
indirect or remote one, with serious crime”, or that “does not provide for any
exception”,96 neither requires any “relationship between the data whose retention is
provided for and a threat to public security and, in particular, it is not restricted to a
retention in relation (i) to data pertaining to a particular time period and/or a particu-
lar geographical zone and/or to a circle of particular persons likely to be involved,
in one way or another, in a serious crime, or (ii) to persons who could, for other
reasons, contribute, by the retention of their data, to the prevention, detection or
prosecution of serious offences”.97 Equally, law shall be considered disproportionate
if it lacks to establish a clear definition of what should be considered an offence
“serious enough” so as to justify such limitation,98 or if it does not contain “substan-
tive and procedural conditions relating to the access of the competent national
authorities to the data and to their subsequent use”99 or the duration of the interfer-
ing measures,100 limiting it to what is strictly necessary in the light of the objective
pursued.
To sum up, law establishing limitations to the rights to privacy protected by
Articles 7 and 8 CFREU is therefore considered acceptable by the CJEU only as
92
Schrems, Case C-362/14, § 42.
93
Schrems, Case C-362/14, § 92; Digital Rights Ireland Ltd, Case C-293/12, § 52.
94
Digital Rights Ireland Ltd, Case C-293/12, §§ 54–55.
95
Idem, § 57; see also Schrems, Case C-362/14, §§ 93–94 according to which a generalized access
implies a violation of the essence of the fundamental right to respect for private life. Cf. Mitsilegas
(2016).
96
Watson (C-698/15), § 105.
97
Watson (C-698/15), § 106.
98
Digital Rights Ireland Ltd, Case C-293/12, § 60.
99
Idem, § 61.
100
See also Joined cases Tele2 Sverige AB (C-203/15) and Watson (C-698/15), § 95.
long as “the retention of data is limited, with respect to the categories of data to be
retained, the means of communication affected, the persons concerned and the
retention period adopted, to what is strictly necessary”.101
Legislation shall therefore “lay down clear and precise rules governing the scope
and application of such a data retention measure and imposing minimum safe-
guards, so that the persons whose data has been retained have sufficient guarantees
of the effective protection of their personal data against the risk of misuse”.102 It
shall also “meet objective criteria, that establish a connection between the data to be
retained and the objective pursued. In particular, such conditions must be shown to
be such as actually to circumscribe, in practice, the extent of that measure and, thus,
the public affected […] Such limits may be set by using a geographical criterion
where the competent national authorities consider, on the basis of objective evi-
dence, that there exists, in one or more geographical areas, a high risk of preparation
for or commission of such offences”.103
Along the same line, interferences to the right to privacy are acceptable, in gen-
eral terms, “in relation to the objective of fighting crime, only to the data of indi-
viduals suspected of planning, committing or having committed a serious crime or
of being implicated in one way or another in such a crime […] However, in particu-
lar situations, where for example vital national security, defence or public security
interests are threatened by terrorist activities, access to the data of other persons
might also be granted where there is objective evidence from which it can be
deduced that that data might, in a specific case, make an effective contribution to
combating such activities”.104
A few last brief notations shall be made with regard to the approach adopted by
the CJEU, toward personal data surveillance.
First, these legitimacy conditions were drawn by the Court of Justice with regard
to the collection of personal data both for preventive and repressive purposes.
Especially in the first case, however, besides for the clear (and fundamental) asser-
tion of the central role of privacy and data protection, the criteria set by the Court
appear especially critical in their practical application. Indeed, if on one side it is
certainly reassuring that no form of generalized control over every person’s per-
sonal data shall be legally carried out within the EU, on the other, it seems hard to
understand how it would be possible to preventively apply “geographical” or other
selecting criteria without that ending up in some form of discrimination which are
also contrary to the EU fundamental principles (e.g. against geographical areas
inhabited by poor people, or by migrants; against recidivists; against people belong-
ing to a certain ethnicity or religious group, etc.).105
101
Idem, § 108.
102
Digital Rights Ireland Ltd, Case C-293/12, § 54 and the case-law cited; Joined cases Tele2
Sverige AB (C-203/15) and Watson (C-698/15), § 109.
103
Joined cases Tele2 Sverige AB (C-203/15) and Watson (C-698/15), §§ 110–111.
104
Idem, § 119 see also Zakharov v. Russia, § 260, and case-law there cited.
105
In case of criminal investigation, that is where the search for evidence begins after a crime has
been committed, the problem appears less pressing, as certain objective suspicious elements are
generally required to open a criminal proceeding. Cf. also Mitsilegas (2015).
At the same time, the foreseeability requirements necessary in light of Article

52(1) CFREU seems hardly applicable to a context, like that of preventive investiga-
tions, in which the very efficiency of the operations is depending on secrecy. In
order to remedy to the difficult (perhaps even impossible) application of the param-
eters established by the CJEU when intrusions to the right to privacy are
implemented,106 Nonetheless, exclusionary rules, currently applied in some EU
Member States the creation of binding exclusionary rules, according to which infor-
mation gathered for preventive purposes cannot be used in criminal investigations,
seems a necessary safeguard to maintain the collection of personal data proportion-
ate for a democratic society.
As already discussed with regard to fair trial rights, and in particular to the privi-
lege against self-incrimination, however, implementing this procedural solution at
the EU level results especially unlikely at the moment, mainly due to the lack of
political consensus for the harmonization of procedural principles and rules among
Member States.107 Nonetheless, exclusionary rules, currently applied in some EU
Member States108 and also by the US Supreme Court (although with a rather restric-
tive, not to say sceptical approach109), still appear a key feature to promote efficiency
to preventive investigations, and, at the same time to ensure that limitations of the
right to privacy remain in the boundaries of a democratic society, conferring to the
individuals affected by disproportionate and/or illegitimate measures solid grounds
for effectively challenge data collection. Applying all this legislative and jurispru-
dential background to the specific case of real-time monitoring of banking records,
in the EU it is possible to identify a core of minimum procedural safeguards.
efined Objective Scope of Real-Time Monitoring: Offences

D
Taking into account the intrusiveness of this form of surveillance, it seems appropri-
ate to limit its application only to serious offences, which could include: Serious
financial crimes as defined by Articles 3 and 4 of the PIF Directive,110 cybercrimes
(Articles 2 to 8 and 10 to 12 of the Budapest Convention) committed in the financial
field (at least upon a certain threshold of imprisonment, e.g. four years, that is the
threshold adopted to define “seriousness” by the PIF directive and also indicated in
the Explanatory Report to the 2001 Protocol111), as well as further serious offences
related to the use of the financial and banking system, such as money laundering (as
106
Especially when data collected are particularly capable of profiling individuals (see, a con-
trario), Proceedings brought by Ministerio Fiscal, Case C-207/16, 2.10.2018, ECLI:EU:C:2018:788.
107
108
Such as in Italy, cf. Article 226(5) disp. att. c.p.p.
109
Gray (2017), p. 217 et seq.
110
Fraud (VAT fraud only if the damage involved is of at least 10 million euros), corruption, and
misappropriation affecting the EU financial interests, as implemented by national law. The serious-
ness is here either defined by the provision of a maximum penalty of at least 4 years of imprison-
ment or by the involvement of “considerable damage or advantage”, meaning with that expression
that it involves more than EUR 100,000 (cf. Article 7, PIF Directive).
111
Article 1(3), Explanatory report to the Protocol, cit.
defined by Article 3, Directive 2018/1673112), terrorist financing (as defined by

Article 11, Directive 2017/541113), insider trading and market manipulation (as
defined by Articles 3 to 6 of Directive 2014/57).
Alternatively, broader and less specific, but already existing selections of serious
crimes may be derived from the lists of offences provided for by, for instance, the
EIO Directive, Europol Regulation,114 or, by Article 83(1) TFEU which identifies
the so-called “Eurocrimes”.115
efined Subjective Scope of Real-Time Monitoring: Potential Targets

D
The regulation should allow the application of real-time monitoring measures both
against legal and natural persons. The awareness that certain forms of crime, above
all those characterized by an important economic background, may be perpetrated
also (and perhaps even better) by corporations requires today to extend this investi-
gative techniques against these subjects too. That requires, however, that legal per-
sons should be also recognized correspondent fair trial rights.
Indeed, as already argued with regard to the privilege against self-incrimination,116
the (even partial) exclusion of legal entities from the scope of the rights provided for
by the Charter through secondary legislation appears in contrast both with the word-
ing of the CFREU and with the increasing trend in adopting forms of criminal liabil-
ity against organizations. In particular, the exclusion of legal persons from the scope
of Directive 2016/680 appears rather anachronistic and subject to the same (even
more evident, when the right to privacy is at stake) criticism raised for the exclusion
of legal persons from the scope of Directive 2016/343 on the presumption of
innocence.
Irrespective of their being natural or legal persons, in line with the provisions
contained in Article 28 of the EIO Directive,117 and with the standards and recom-
mendations issued by the Financial Action Task Force,118 measures of surveillance
on banking data should moreover be applicable both to subjects suspected of having
committed a crime, and to any other person in respect of whom such information is
found necessary by the competent authorities in the course of criminal proceedings,
e.g. persons acting as front-man to financial operations.
Lastly, to avoid that the use of electronic surveillance turns into massive forms of
State watching, “fishing expeditions” shall be explicitly prohibited (at least for
repressive purposes), and the same should follow for the use at trial of the elements
112
Directive (EU) 2018/1673 of 23.10. 2018 on combating money laundering by criminal law.
113
Directive (EU) 2017/541 of 15.03.2017 on combating terrorism.
114
Cf. Annex I to the Regulation (EU) 2016/794 of 11.05.2016 on the European Union Agency for
Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/
JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA.
115
As defined by Klip (2016), p. 231 et seq.
116
117
Cf. Sect. 7.3.
118
Cf. Sect. 3.2.
so gathered. Monitoring shall thus be limited, both in the phase of data gathering
and in its access, only to specified bank account(s)/subjects/transactions.119
This conclusion appears necessary also in light of the current international state
of play: Specifying who is the precise subject of the investigations is required, for
instance, by Article 28(1)(a) of the EIO Directive, according to which it is possible
to issue an EIO for the gathering of evidence in real time over “one or more specified
accounts”. Similarly, Article 7(2)(c) of the aforementioned 2005 COE Convention
states that the party should enable the monitoring of “the banking operations that are
being carried out through one or more identified accounts”.
etermined Duration of Surveillance Measures

D
Similarly to wiretapping regulations, also on account of the potential remote (and
therefore secret) activation of surveillance measures, time-limits should be provided
for by law: Upon their expiration, a new authorization from the competent authority
shall be requested again in case an extension is sought.120
afeguards in the Storage of Data

S
In line with the CJEU case-law following Digital Rights, unlimited and generalized
storage of the data shall not be allowed. Selected and legally obtained information
should then be stored guaranteeing the integrity and authenticity of collected data,
in line with the best technical practices (e.g. ISO Standards 27037:2012).
In this sense, it is especially relevant to consider, among other features, that ser-
vice providers where data are available may have private economic considerations
when determining the modalities of storage, the level of security and the possibility
of dissemination of the information collected, ending up with standards not aligned
to the general interests in the protection of the individual right to privacy. Regulations
should therefore take this aspect into account and accordingly demand adequate
guarantees, for instance allowing the retention of data only within the territory of
the European Union, and requiring the irreversible destruction of the data at the end
of the retention period.121
ublic Reporting Duties

P
The procedure followed for examining, using and storing data should be publicly
disclosed. If revealing all technical details (especially for the examination, i.e. sur-
veillance techniques) could hamper the result of the investigation, or could be dif-
ficult to balance with intellectual property rights (e.g. in case licensed software are
119
Cf. Bernal (2016), p. 246 highlighting how, for instance, under the UK Investigatory Powers
Bill, surveillance is operated on a “‘gather in bulk, access in detail’ basis. The question of whether
this constitutes ‘mass surveillance’ is one of the key parts of the debate, but may […] be a largely
semantic argument. What is clear is that surveillance law and practice as it currently exists, and is
being legally proposed, involves gathering of massive amounts of data […] where there are no
limits on how ‘bulky’ the bulk might be”.
120
On the identification of the competent authority, see below, Sect. 8.3.
121
Schrems, Case C-362/14, § 92; Digital Rights Ireland Ltd, Case C-293/12, §§ 67–68.
adopted), at least forms of public control should be established, for instance through
the disclosure of relevant information to restricted independent specialized commit-
tees, and/or through periodical reports to the Parliament or other independent
authorities.122
Anti-Leaking Precautions
When communicating data to other parties during the investigation, and especially
before an assessment over the relevance of the collected data has been made by the
competent authorities, specific technical procedures shall be implemented in order
to avoid (or reduce) the risk of early disclosure, in compliance with the presumption
of innocence of the suspect, and of the right to privacy of the latter and of third par-
ties potentially involved.123 At the very least, mechanisms to record all accesses to
stored information the so-called chain of custody, according to the best international
practices shall be put into place, to allow affected parties to trace back the liability
line and ask for compensation where a leak of reserved information occurs.
echnical Neutrality and Content-Based Approach

T
Personal (banking) data should not be collected under lower guarantees just because
new technologies allow to bypass traditional checks and balance. As authoritatively
highlighted, indeed, “New facts will trigger new rules, but the role of the Constitution
should remain constant regardless of technology […] so that the law will maintain
the old function in the new environment”.124
To this end, the level of safeguard recognized in a regulation on real-time moni-
toring of banking records, aspiring to maintain effectiveness also in times of great
technological changes and to avoid becoming quickly obsolete, should not depend
on the specific technology used to carry out the surveillance, nor upon the kind
(technology) of device where the data is stored. This approach, that goes under the
name of technical neutrality, has been successfully applied, for instance, by the
Budapest Convention on cybercrime,125 and may be recognised also in the “gener-
ous approach” to Article 8 ECHR followed by the Court in Strasbourg, that “allowed
122
As provided in Germany, cf. Bundersverfassungsgericht, I Senate, 20.04.2016, 1 BVR 966/09,
1 BVR 1140/09, analysed, e.g., by Giordano and Venegoni (2016).
123
Joined cases Tele2 Sverige AB (C-203/15) and Watson (C-698/15), § 122; Digital Rights Ireland
Ltd, Case C-293/12, §§ 66–68.
124
Discussing about the principle of neutrality with regard to the Fourth Amendment, Kerr (2010),
according to whom “Technology neutrality assumes that the degree of privacy the Fourth
Amendment extends to the Internet should try to match the degree of privacy protection that the
Fourth Amendment provides in the physical world […] That is, the Fourth Amendment will remain
technology-neutral in the sense that the overall amount and function of Fourth Amendment protec-
tion will be roughly the same regardless of whether a wrongdoer commits his crime entirely online,
entirely in the physical world, or using a mix of the two”.
125
Greatly contributing in maintaining it, after almost 20 years from its entry into force, one of the
most applied and appreciated international legal tools.
the case-law to develop in line with social and technological developments”.126

Technical neutrality has been also specifically raised and tackled at the EU level by
Directive 2016/680, which at Recital (18) explicitly requires that “in order to prevent
creating a serious risk of circumvention, the protection of natural persons should be
technologically neutral and should not depend on the techniques used”.127
The content-rather-than-technique-based perspective that results from this
approach should not however be understood in a “quantitative” perspective, as par-
tially suggested by the USSC in Jones and Carpenter (talking about “longer term”
monitoring, e.g. when surveillance lasts more than 7 days)128 and, in 2013, by the
American Bar Association which, addressing law-enforcement information gather-
ing, proposed to graduate the level of protection according to the “degree of pri-
vacy” of the information to be collected (“highly private, moderately private,
minimally private, or not private”).129 The extreme vagueness of this “quantitative”
approach (although quantity certainly maintains an important role in todays big data
society) has been indeed understandably criticized by legal scholars, which pointed
out the arbitrariness underlying this criterion.130 Identifying the best legislative tech-
nique to deal with technological development is not however a task with an easy
solution, especially in the field of privacy protection.
Indeed, on one side, it appears unlikely to be able to define a precise quantitative
(time-wise) threshold beyond which intrusion to privacy shall be considered more
severe, as serious harm to this right may be perpetrated also in a limited time period,
if the tool used is very intrusive.
However, also linking the level of protection only to the degree of intrusiveness
of the specific technique adopted does not necessarily provide for the best solution
in a technological society in which the same data may often be obtained both
through “intentionally-intrusive” and “automatically-structural” tools. For instance,
it appears sensible to require a high level of protection if law-enforcement intends
to install a malware on a smartphone to activate its GPS to spy upon the movements
of a suspect. The same privacy-sensitive location information, however, may also
get continuously and automatically stored in cell-site location information records
with basically the same accuracy and irrespective of the users’ will. It seems there-
fore unreasonable that such information could be accessed by law-enforcement with
lowers guarantees, given that the limitation to the right to privacy of the subjects
affected (represented by the ability to reconstruct “a detailed chronicle of a person’s
126
Guide on Article 8 of the European Convention on Human Rights, § 46. https://www.echr.coe.
int/Documents/Guide_Art_8_ENG.pdf. Accessed 20 July 2018; Harris et al. (2014), p. 522 et seq.
127
Cf. Recital (15) GDPR and Recital (18), Directive 2016/680.
128
Cf., respectively, above Sects. 8.1 and 7.6.
129
ABA (2013), also known as “LEATPR Standard”, Standard 25-4.1 Categories of information; a
version of content-shaped approach has also been proposed with regard to the First Amendment,
see Richards (2013), criticized by Gray and Keats Citron (2013). A third content-based approach,
again referring to the First Amendment, has been developed within the Yale’s Information Society
Project, see e.g. Balkin (2016).
130
Highlighting also how, in the US context, the Fourth Amendment case-law has a history of
“neutrality” “with respect to degrees of privacy involved”, cf. Gray (2014, 2017).
physical presence compiled every day, every moment, over several years”131)
appears similarly acute in both cases.
Lastly, also the solution of making the protection exclusively dependent upon the
quantitative level of privacy attributable to a single information does not appear
satisfactory. Indeed, the possibility of individual and group profiling, which cer-
tainly represents a “world of difference”132 compared to the information that could
be gathered through non-digital and retrospective forms of data collection, does not
necessarily depend upon the sensitiveness of the single piece of data. It results on
the contrary by a combination of the “degree of privacy” involved by single pieces
of information and of the data-mining capacity to extract sensitive information also
from potentially non-sensitive big-data.133
Against this background, without any optimal solution at hand, but taking into
account the fundamental character of the interests at stake (individual and collective
privacy, democracy and rule of law) it seems preferable to adopt the interpretation
that, allows for a higher degree of protection with a minor impact on the effective-
ness for the investigations.
In the EU legal framework, such solution might be found applying a content-
based approach that, without distinguishing among higher or lower level of
sensitiveness, grounds the scope of protection upon the aforementioned legislative
definition of “personal data”, provided for by Articles 4(1) GDPR and, with specific
regard to the criminal matter, Article 3(1) of Directive 2016/680.
According to it, and in line with the case-law so far developed by the CJEU, all
personal (including banking) data which are subject to real-time monitoring inves-
tigative techniques should then receive the same level of protection (i.e. in terms of
the level of proof needed to obtain the authorization to access to it, or concerning the
authority competent to grant the latter), regardless of the tool applied to perform the
monitoring, the kind of device in which data was stored, the duration of the monitor-
ing, or the “degree of privacy” entailed in each piece of information.
The significance to be attributed to all these elements should then not be punctu-
ally assessed in the legislation, to allow it to keep pace with technological develop-
ment. However, it may be taken into account by the competent authority when
assessing (ex ante, to grant the authorization, and/or ex post, if the measure is chal-
lenged) the proportionality of the specific tool and the conditions (to be) applied to
perform the surveillance.
xclusionary Rules and Destruction of Illegally Obtained Information

E
Lastly, in case the measure applied is considered to be disproportionate, or if it vio-
lates the requirements described above, a regulation on real-time monitoring of
(banking) data should provide for strict exclusionary rules, making it possible for
131
Carpenter v United States, pp. 16–17.
132
Id., p. 17.
133
As famously shown by the notorious Target case, cf. Hill (2012), and Duhigg (2012).
the affected individuals to trigger effective remedies.134 Data unlawfully collected

should be accordingly destroyed.135
Contrary to the ECtHR “comprehensive” approach, and also in light of the gap
of protection shown by the US example described in the previous Chapter, it seems
indeed that the protection of such fundamental rights cannot be left to a case by case
appreciation of the harm brought to the interests at stake when the minimum proce-
dural safeguards discussed above are violated. Only automatic exclusionary rules,
appear adequate to limit abuses (especially when surveillance measures may be
remotely activated) and maintain the implementation of invasive surveillance inves-
tigative techniques in line with the basic features of a democratic society.
In light of these minimum standards, the regulations in the (few) EU Member
States dealing with real-time monitoring of banking data currently appear rather
inadequate, also taking into account that information so gathered could then be dis-
seminated via an European Investigation Order.136
Indeed, although some of the procedural safeguards listed above have been
implemented in national legislations,137 it remains critical that requirements for
applying this surveillance measure differ from country to country, while financial
institutions operate in a single legal and economic area, and enjoy an intrinsic and
unavoidable transnational dimension.
8.3 R
ight to an Effective Remedy: The Authority in Charge
of Real-Time Monitoring of Banking Records
In addition to the creation of exclusionary rules, the Charter and its interpretation by
the CJEU certainly need to be strengthened when it comes to the other parameter
upon which to verify whether surveillance measure qualifies as “necessary for a
democratic society”: Identifying an appropriate authority in charge of the control
over real-time monitoring of personal (banking) data able to ensure the right to an
effective remedy.138
Under this profile, no rule at all on the matter is provided for by Article 7 CFREU.
On the other side Article 8(3) CFREU only requires that limitations to data protec-
tion “shall be subject to control by an independent authority”.
134
In this sense, see, e.g., Caianiello (2014), p. 317.
135
Although complicated appear to define in this case when such a destruction should occur, highly
depending on the features of each national legal system (for instance, regulating up until when it is
possible for prosecutors to integrate the investigating material).
136
137
As it emerges from the brief recollection of national legal orders illustrated in the previous, cf.
above Sect. 7.5.
138
Cf. Sect. 6.3.3.
8.3 The Authority in Charge of Real-Time Monitoring of Banking Records 353
This threshold, although recalling the jurisprudence developed by the CJEU and
the ECtHR the notion of “independence”,139 could indeed encompass both adminis-
trative and judicial authorities, which however present deeply different level of safe-
guards for the persons affected by the intrusive measures.140
On this basis, the Court of Justice (e.g. in Digital Rights Ireland, Schrems,
Google Spain, and Tele2-Watson) acknowledged that the legislature’s discretion is
reduced in case of serious interference with the right to respect for private life.141
Nonetheless, the Court, mirroring the textual ambivalence of Article 8 CFREU,
refrained so far from expressing any conclusive preference on whether such an inde-
pendent control should be better carried out by a judicial rather than by an adminis-
trative body.142
At first glance, the wording of Article 8 ECHR adds only a limited contribution
to the matter, as it makes no explicit reference to the need of having an overseeing
authority at all. This parameter, however, has been elaborated by the Court in
Strasbourg, in some cases concerning secret surveillance.
In particular, in the aforementioned Klass and others v Germany (1978), where
an “independent” oversight was guaranteed by “an official qualified for judicial
office”, a Parliamentary Board and a special Commission, the Court considered that
“in a field where abuse is potentially so easy in individual cases and could have such
harmful consequences for democratic society as a whole, it is in principle desirable
to entrust supervisory control to a judge”.143
Similar conclusion was reached again in the Zackharov (2015), where the ECtHR
further specified that “in view of the risk that a system of secret surveillance set up
to protect national security may undermine or even destroy democracy under the
cloak of defending it”, national systems are also required to provide further effec-
tive guarantees against abuses,144 “judicial control offering the best guarantees of
independence, impartiality and a proper procedure”.145
Nevertheless, in Klass the Court had admitted that “the exclusion of judicial
control does not exceed the limits of what may be deemed necessary in a democratic
society”, as long as, in the specific circumstances of the case, the (administrative)
authorities entitled with the supervision are independent, and “vested with sufficient
powers and competence to exercise an effective and continuous control”.146
According to the ECtHR, however, judicial control remains necessary, if not dur-
ing the execution of the surveillance, “at least in the last resort”, that is after the
139
Cf. above Sects. 6.3 and 6.3.1.
140
Idem.
141
Cf. Joined cases Tele2 Sverige AB (C-203/15) and Watson (C-698/15), § 123.
142
Cf. Joined cases Tele2 Sverige AB (C-203/15) and Watson (C-698/15), § 114 and 120; Digital
Rights Ireland Ltd, Case C-293/12, §§ 48-62.; but see also Schrems, Case C-362/14, § 95.
143
144
Zakharov v. Russia, § 232.
145
Cf. Zakharov v Russia, § 233; Klass and Others, §§ 55–56.
146
measure has ceased.147 Such a control shall be effective in the particular circum-
stances of the case,148 allowing the court not only to assess the legality of the limita-
tion but also its appropriateness, duration and scope.149
In light of the equivalence clause of Article 53 CFREU, when intrusive investiga-
tive techniques such as real-time monitoring of banking data are at stake, involving
a judge with jurisdiction on the facts–which should guarantee a prior exam to grant
the authorization or, in the absence of the latter, a subsequent control with an ex post
judicial review–seems a necessary solution to guarantee the compliance of the
investigative measures with the ECtHR case-law and in general with the proportion-
ality principle.
Indeed, as previously discussed with regard to the definition of impartial and
independent tribunal,150 only the judiciary—in combination with a legal framework
providing for effective exclusionary rules—can guarantee an adequate level of pro-
tection in case of limitations affecting fundamental rights, not only with regard to
fair trial rights, but also to privacy and data protection.151
Applying this case-law to real-time monitoring of banking records, the serious-
ness of the interests at stake would certainly require also for this investigative tech-
nique the highest possible level of guarantees, that is a prior judicial control,
similarly to what usually established for wiretapping.
The fact that, however, no textual link to this solution can be found neither in the
Charter, nor in the Convention is especially critical considering how the current
European panorama also on this profile is far being uniform.
Taking into account the available sources, among those Member States that do
provide for some form of banking real-time monitoring within their jurisdiction,
some (such as AT, BE, NL, UK, and partially IT152) conferred the power to request
such measures to prosecutorial or law-enforcement authorities and established the
need to seek for a judicial authorization to carry out the surveillance.
Other countries are instead being reported to have identified authorities compe-
tent to apply such measure in national FIUs (BG, CZ, EE, LV, SI153; LU, and IE and
IT154): In these cases, therefore, the kind of authority in charge for real-time moni-
toring is strictly related to the type of FIU adopted at the domestic level.
In light of the diverse framework in this sector, for few of these countries this
choice implies the conferral of real-time monitoring powers to authorities within the
traditional area of criminal justice (EE and IE: Law-enforcement-type of FIU; LU:
147
Klass and Others, § 57; Zakharov v. Russia, § 233–234; Heino v Finland, 15.02.2011,
148
Smirnov v. Russia, 7.06.2007, Application no. 71362/01, § 45.
149
Delta Pekárny A.S. v Czech Republic, 2.10.2014, Application no. 97/11, § 91.
150
See above, Sects. 6.3 and 6.3.1.
151
Heino v Finland, 15.02.2011, Application no. 56720/09, § 45.
152
According to the country analysis provided in Ligeti (2012), that includes also FR, PT, RO. In
IT the power may also be activated by the Administrative FIU. Cf. Sect. 7.5.
153
According to MONEYVAL (2013), p. 37 et seq.
154
According to the country analysis provided in Ligeti (2012), see country profiles of LU and EI.
8.3 The Authority in Charge of Real-Time Monitoring of Banking Records 355
Judicial-type of FIU); in others, such as BG, CZ, and SI (but also in IT), on the
contrary, real-time monitoring of financial transactions appears to be assigned to
administrative authorities without an explicit need to obtain a judicial authoriza-
tion.155 This choice, considering the relevance of the data endangered by this inva-
sive form of surveillance, appears inadequate to guarantee an effective impartial and
independent review of the measure applied. This choice, however, seems also, at the
same time, hardly challengeable as such against the current wording of Articles 7
and 8 CFREU, at least in lack of an explicit interpretation of the Court of Justice in
this sense.
The absence of supranational clear legal basis in this regard is even more alarm-
ing when considering those countries where no explicit regulation on real-time
monitoring of banking records has been provided as yet. Indeed, as showed by the
US example, this often does not really prevent the practical application of surveil-
lance investigative techniques, but only reduces the possibility to invoke an effective
remedy against violations of the rights at stake.
References
ABA (2013) Standards for criminal justice: law enforcement access to third party records, 3rd edn.
https://www.americanbar.org/groups/criminal_justice/standards/law_enforcement_access.
html. Accessed 19 July 2018
Aterno S (2013) Le investigazioni informatiche e l’acquisizione della prova digitale. Giur merito,
p 955
Balkin JM (2016) Information Fiduciaries and the first amendment. UC Davis Law Rev 49(4):1183
Balsamo A (2015) Il contenuto dei diritti fondamentali. In: Kostoris RE (ed) Manuale di procedura
penale europea, II edn. Giuffrè, Milano, p 109 et seq
Bernal P (2016) Data gathering, surveillance and human rights: recasting the debate. J Cyber
Policy 1(2):243–264
Brownsword R, Goodwin M (2012) Law and the technologies of the twenty-first century: text and
materials. Cambridge University Press, Cambridge
Bull HP, Giesen T, Kühling J, Leutheusser-Schnarrenberger S, Von Lewinski K, Robrecht B,
Schaar P, Schramm J, Schulzki-Haddouti C, Seemann M, Spiecker Genannt Döhmann I,
Stinner J, Trepte S (2016) Zukunft der informationellen Selbstbestimmung. ESV, Berlin
Caianiello M (2014) To Sanction (or not to Sanction) procedural flaws at EU level? A step forward
in the creation of an EU criminal process. Eur J Crime Crim Law Crim Justice 22(4):317
Camon A (1996) Le intercettazioni nel processo penale. Giuffrè, Milano
Donini M (2016) Il diritto giurisprudenziale penale. Collisioni vere e apparenti con la legalità e
sanzioni dell'illecito interpretativo. Riv trim dir pen cont, 3
Duhigg C (2012) How companies learn your secrets. In NYT, 16th February 2012. https://www.
nytimes.com/2012/02/19/magazine/shopping-habits.html. Accessed 19 July 2018
Electronic Privacy Information Center (EPIC) (2017) Carpenter v. United States 16-402, Supreme
Court (Fourth Amendment, Location Privacy) EPIC’s Amicus Brief. https://epic.org/amicus/
location/carpenter/Carpenter-v-US-amicus-EPIC.pdf. Accessed 19 July 2018
155
Cf. Sect. 3.3.
Filippi L (2003) Le Sezioni Unite decretano la morte dell'agente segreto “attrezzato per il suono”
see also G. Fumu, Registrazione di colloqui tra presenti effettuata a cura della polizia giudizi-
aria: insuperabili i limiti alla testimonianza indiretta. Riv pol, p 762
Fontanelli F (2011) The European Union Charter of fundamental rights two years later. Perspect
Federalism 3(3):22
Fumu G (2003) Registrazione di colloqui tra presenti effettuata a cura della polizia giudiziaria:
insuperabili i limiti alla testimonianza indiretta. Riv pol, p 762
Giordano L, Venegoni A (2016) La Corte Costituzionale tedesca sulle misure di sorveglianza
occulta e sulla captazione di conversazioni da remoto a mezzo di strumenti informatici. Dir
pen cont, 8 maggio 2016
Gray D (2014) The ABA standards for criminal justice: law enforcement access to third party
records: critical perspective from a technology-centered approach to quantitative privacy. Okla
Law Rev 66:919
Gray D (2017) The fourth amendment in an age of surveillance. Cambridge University Press,
New York
Gray D, Keats Citron DK (2013) Addressing the harm of total surveillance. A Reply to Professor
Neil Richards. Harv Law Rev F 126:262
Greer S (2000) The margin of appreciation: interpretation and discretion under the European
Convention on human rights. Council of Europe Publishing. https://www.echr.coe.int/
LibraryDocs/DG2/HRFILES/DG2-EN-HRFILES-17(2000).pdf. Accessed 19 July 2018
Harris DJ, O’Boyle M, Beates EP, Buckley M (2014) Law of the European Convention on human
Hill K (2012) How target figured out a teen girl was pregnant before her Father Did, in Forbes, 16th
February 2012. https://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-
a-teen-girl-was-pregnant-before-her-father-did/#6a7ed7b96668. Accessed 19 July 2018
Iovene F (2014) Le c.d. perquisizioni online tra nuovi diritti fondamentali ed esigenze di accerta-
mento penale. Riv trim dir pen cont 3–4:329
Kerr OS (2010) Applying the fourth amendment to the internet: a general approach. Stanford Law
Rev 62:1005
Klip A (2016) European criminal law: an integrative approach, 3rd edn. Intersentia, Cambridge
Knierim TC (2008) BverfG: Reichweite und Grezen der Online-Durchsuchung, in Fachdienst
Strafrecht, 253764
Kostoris RE (2017) Diritto europeo e giustizia penale. In: Id (ed) Manuale di procedura penale
europea, 3rd edn. Giuffrè, Milano, p 51.
Kudlich H (2008) Enge Fesseln für «Landes- und Bundestrojaner» - Anforderungen an die
Zulässigkeit einer (sicherheitsrechtlichen) Online-Durchsuchung, in Juristische Arbeitsblätter,
p 475
Lasagni G (2018) Tackling phone searches in Italy and in the US. Proposals for a technological
re-thinking of procedural rights and freedoms. NJECL 9(3):386–401
Ligeti K (ed) (2012) Toward a prosecutor for the European Union Volume 1: a comparative analy-
sis. Hart, Oxford
Logan WA (2001) An exception swallows a rule: police authority to search incident to arrest. Yale
Law Policy Rev 19:381
Maioli C, Sanguedolce E (2012) I “nuovi” mezzi di ricerca della prova fra informatica forense e L.
48/2008. http://www.altalex.com/documents/news/2012/05/03/i-nuovi-mezzi-di-ricerca-della-
prova-fra-informatica-forense-e-l-48-2008. Accessed 20 July 2018
Maisch MM (2015) Informationelle Selbstbestimmung in Netzwerken. Duncker & Humblot,
Berlin
Martinico G (2017) Commento all’art. 7. In: Mastroianni R, Pollicino O, Allegrezza S, Pappalardo
References 357
Mazzacuva F (2015) L'incidenza della definizione “convenzionale” di pena sulle prospettive di

riforma del sistema sanzionatorio. Riv trim dir pen cont 3:6
Mitsilegas V (2015) The transformation of privacy in an era of pre-emptive surveillance. Tilburg
Law Rev 20:35–57
Mitsilegas V (2016) Surveillance and digital privacy in the transatlantic ‘War on Terror.’ the case
for a global privacy regime. Columbia Hum Rights Law Rev 47(3):1–77
MONEYVAL (2013) The Postponement of Financial Transactions and The Monitoring of Bank
Accounts, April 2013. https://rm.coe.int/research-report-the-postponement-of-financial-trans-
actions-and-the-mon/168071509b. Accessed 19 July 2018
Murphy T, Ó Cuinn GO (2010) Works in progress: new technologies and the European Court of
Human Rights. Human Rights Law Rev 10(4):601–638
Nicolicchia F (2017) I limiti fissati dalla Corte costituzionale tedesca agli strumenti di controllo
tecnologico occulto: spunti per una trasposizione nell’ordinamento italiano. Arch pen 2
Orlandi R (2009) Questioni attuali in tema di processo penale e informatica. Riv dir proc, p 129
Orlandi R (2014) La riforma del processo penale fra correzioni strutturali e tutela “progressiva” dei
diritti fondamentali. Riv it dir e proc pen, pp 1133–1164
Orlandi R (2018) Usi investigativi dei cosiddetti captatori informatici. Criticità e inadeguatezza di
una recente riforma. Riv it dir proc pen
Pica G (1999) Diritto penale delle tecnologie informatiche. UTET, Torino
Pollicino O (2017) Commento all’art. 8. In: Mastroianni R, Pollicino O, Allegrezza S, Pappalardo
Richards NM (2013) The danger of surveillance. Harv Law Rev 126:1934
Sanchez SI (2012) The court and the charter: the impact of the entry into force of the Lisbon treaty
on the ECJ’s approach to fundamental rights. Common Mark Law Rev 49(5):1565
Sarmiento D (2013) Who’s afraid of the Charter? Common Mark Law Rev 50:1267–1304
Sayers D (2014) Sub art. 48 (Criminal law). In: Peers S, Hervey TK, Kenner J, Ward A (eds) The
EU Charter of Fundamental Rights. Hart, Oxford, p 1303 et seq
Schulhofer SS (2012) More essential than ever: the Fourth Amendment in the twenty-first century.
Oxford University Press, Oxford
Signorato S (2017) Le indagini penali informatiche, I, Giappichelli, Torino
Torre M (2015) Il virus di Stato nel diritto vivente tra esigenze investigative e tutela dei diritti
fondamentali. Dir pen e proc, p 1167
Torre M (2017) Il captatore informatico. Giuffrè, Milano
Tricot J, Martìn AN (forthcoming) Monitoring of banking transactions and traffic data. In: Ligeti K
(ed) Toward a prosecutor for the European Union-Draft rules of procedure, vol 2. Hart, Oxford
Chapter 9
Conclusion
The comparative research in this work has been driven by two leading questions: (a)
In the field of banking investigations, what is a balance between the need to fight
crimes and that of protecting human fundamental rights which can be fairly accepted
in a democratic society?, and (b) under this perspective, is the current legal frame-
work in the EU adequate? If not, what can be done about it?
These issues are today particularly pressing, as traditional balances of interests
in criminal law and procedure are increasingly challenged by phenomena whose
origin is poorly controllable by criminal law operators, such as global financial
crises, the development of digital technology, the existence of supranational multi-
level supervisory systems, and the growth of administrative punitive powers.
These new scenarios bring with them risks, to which criminal law can represent
only a part of the solution, first of all the risk that abuses in the application of new
technologies may lead to the creation of forms of new digital totalitarianism.
Like every (first of all) cultural revolution, however, this search for new balances
can be also a source of new opportunities, and provide a fertile ground for structural
reforms which can hardly be imagined in more stable times: The very creation of the
Single Supervisory Mechanism, or of the European Public Prosecutor Office
(regardless of all their critical profiles) in a Union deeply affected by occurrences of
nationalism bears witness to it.
Among these cultural, economic, and legal changes, financial and banking inves-
tigations (the sector which, it is no coincidence, both the SSM and the EPPO
belong to), due to their intrinsic multidisciplinary and transnational dimension, rep-
resent a forefront in the research for a new equilibrium able to keep pace with old
and recent demands for fundamental rights protection. Dealing today with the ques-
tion of how to ensure an adequate level of protection to the financial system and to
personal data in a world far more extended and complicated that it was only a few
decades ago, means therefore not only to face critical issues arising from a technical
branch of criminal law, but also to reflect on new power structures whose impact

https://doi.org/10.1007/978-3-030-12161-7_9
360 9 Conclusion
and results are likely to influence criminal law and procedure far beyond the mere
financial field.
With this perspective, this work analysed, with a comparative approach, today’s
most critical and at the same time the most dynamic areas of banking investigations:
The creation of supranational centralised investigative and sanctioning powers,
which cover also profiles of substantial criminal liability, and the development and
deployment of financial surveillance techniques forms of surveillance also in lack of
a clear legal framework.
Besides for the specific problems emerging from each of these profiles, a first
critical common consideration can be drawn with regard to the very definition of
financial and banking institution. The existence and development of “alternative”
banking operators (such as Hawala, or e-currency providers) indeed underlines the
inadequacy of anchoring the definition of credit institution to an “institutional”,
rather than to a substantive perspective. This approach in fact leaves wide areas of
financial operations and operators free from adequate forms oversight for supervi-
sory, tax and also, as extrema ratio, criminal law purposes.1
“Alternative” financial operators are indeed today some of the top financial chan-
nels used to perform illicit operations, like tax fraud, money laundering, or terrorist
financing.
Against this composite background, it could appear more appropriate to broadly
interpret the definition of banking institution2 to include in it, at least for supervisory
purposes, any form of activity “the business of which is to take deposits or other
repayable funds from the public and to grant credits for its own account”, besides
for the existence of a formal banking license to do so. However, this extensive inter-
pretation would not be cost-free: Identifying and then supervising “alternative”
financial institutions is a difficult task, which requires to create new sets of tools and
expertise (as in the case of e-currency) and, notable resources. Such an extension
may even in some cases, drastically undermine the added value of certain business
activities (such as in the case of crowdfunding or again, even more, e-currency).
Establishing new forms of supervision, moreover, is also likely to produce a mere
shift of the grey areas towards potentially even less detectable financial platforms.
This dilemma, in itself rather typical of any criminal law policy choice, is further
complicated by the increasing questionability of maintaining strictly separated
forms of control between banking and financial institutions, without, at the same
time, really abandoning the notion of “universal banking”. Indeed, in a context in
which banks are allowed (to a lesser or greater degree, according to contingent his-
torical circumstances) in trading with a large number of activities (such as securi-
ties, or insurance), separated oversights depending on the activities carried out by
credit institutions may risk to miss the big picture or, in the worst case, as it hap-
pened in the US before the last financial crisis, to encourage detrimental forms of
passive and active rivalry among supervisors, which sensibly reduce the effective-
ness of their tasks (and accordingly the level of protection). Separating banks and
financial institutions might result less effective also in criminal investigations, as the
formal reference to “banks” in most criminal regulations generates uncertainties as
Cf. Sect. 2.1.

1
And in the EU, in particular, the notion of “undertaking” established by Article 4(1)(1) CRR.
2
9.1 The Compliance with Fair Trial Rights in the Single Supervisory Mechanism 361
whether the tools there provided may be applied also towards financial non-banking
institutions. In this sense, it is no coincidence that the regulations which are possibly
most effective in fighting forms of financial crimes, like AML/CFT legislation, are
precisely those which embrace a comprehensive notion of “financial institution”.
9.1 T
he Compliance with Fair Trial Rights in the Single
Supervisory Mechanism
The creation of the Single Supervisory Mechanism (SSM) certainly represents an

important step forward for the protection of EU (and especially Eurozone) citizens’
rights through the safety and soundness of the credit market.
The establishment of supranational supervisory authorities however also opens,
or amplifies structural critical issues already present at the national level that remain
currently unaddressed, for instance concerning the degree of independence and
accountability of these administrative bodies, in light of potential conflicts of inter-
est with governments (especially in the US, where banking supervision is also con-
stantly threated by occurrences of deregulation3), or the banking industry.4
Critical concerns have also been raised regarding the effectiveness of coopera-
tion networks, both within supranational systems, and at the international level,
where too often the lack of clear legal basis and the (un)willingness of regulators
substantially impair the supervisory results, while financial operations (and related
abuses, also criminally relevant) are daily carried out by and through economic
actors that take full advantage from the global dimension of their activities.5 On the
other side, it has also been highlighted how the lack of common minimum proce-
dural standards regulating the exchange of information in diagonal (i.e. multi-
disciplinary) cooperation contexts bears significant shortcomings for the defence
rights of the parties involved, especially when the information collected in the (less
safeguarding) banking administrative supervisory proceeding is used as evidence in
criminal investigations.6
In the EU, the investigative and above all sanctioning powers of the Single
Supervisory Mechanism also raise further critical profiles with a direct impact to the
criminal matter. Applying the Engel doctrine to the SSM legal framework, in fact,
several of the sanctions imposable upon credit institutions by the European Central
Bank seem to reveal a substantial criminal nature.
Similarly to other fields of EU and national punitive law, for instance concerning
anti-market abuse or VAT fraud regulations (but also, arguably, antitrust7), also
3
Cf. Sect. 5.4.
4
Cf. Sect. 6.1.1 for an analysis in light of the Basel Committee’s Core Principles.
5
Cf. Sects. 6.1.2 (for the US regulatory system) and 6.1.3 (for the Eurozone-Single Supervisory
Mechanism).
6
Cf., especially in the EU, Sect. 6.1.3.
7
See above Sects. 6.2–6.3.
362 9 Conclusion
banking supervision therefore confirms the trend of progressive expansion of the

substantial criminal matter, which increasingly seems to have abandoned its voca-
tion as extrema ratio among the vast range of potential responses that may be used
by public authorities.
Substantial criminal nature, in particular, may be recognised to: The severe pecu-
niary penalties directly applicable by the SSM (Article 18(1) SSM R and Article 4a
Regulation 2532/98 as referred to by Article 18(7) SSM R), by the National
Competent Authorities, directly or upon request of the SSM (Articles 66(2) let. c, d,
e and 67(2) let. e, f, g CRD IV/V); the related “naming and shaming” publication
sanctions established by Articles 18(6) SSM R, 1a(3) Regulation 2532/98, and
66(2)(a), 67(2)(a) and 68 CRD IV/V; and finally, to the more ambiguous but not less
detrimental supervisory measures consisting in the withdrawal of the banking
authorisation (Article 14(5) SSM R, but also, without prejudice to the national
transposition, Article 67(2)(c) CRD IV/V) and in the removal of members from the
credit institutions’ management body (Article 16(2)(m) SSM R).
The acknowledgement of a substantial criminal nature to these supervisory pen-
alties and measures has a major relevance since in light of the jurisprudence of the
Court in Strasbourg, as adopted by the Court of Justice, their application shall com-
ply with the fair trail rights established for the criminal matter.
The analysis carried out with regard to the SSM rules and procedures8 showed
that some of these fundamental rights appear to have been duly regulated in the
SSM legal framework, also thanks to the clause of Article 47 CFREU which applies
to all proceedings affecting rights protected by the Charter.9 This is the case of the
principle of the equality of arms; the right to have all the material evidence used for
the accusation disclosed; the right of access to files; the right to be assisted with
legal counselling; and (at least partially) the right to be heard.
Severe concerns, on the other side, emerge for other fundamental fair trial rights,
which play an essential role in criminal investigations. This is the case of the inde-
pendence and impartiality of the decision-making body (tribunal), especially with
regard to the separation between the investigative and adjudicating phases,10 of the
right to an oral hearing,11 and of the privilege against self-incrimination.12
Under the first profile, in particular, serious concerns arise not only in the appli-
cation of what the SSM Regulations define as “penalties”, given the limited degree
of independence of the Investigating Units, but even more so when the assessment
regards supervisory measures with substantive criminal nature, as in this case the
8
The analysis of the national regulations and different authorities acting in this field fall instead out
of the remit of this work, cf. Sect. 6.2.
9
Although not necessarily so well protected in case of procedures developed before the entry into
force of the Charter, like antitrust proceedings. See Sect. 6.2.
10
For an analysis of the notion of tribunal in administrative punitive matters and the independence
requirement, see Sect. 6.3; for the impartiality requirement, see Sect. 6.3.1.
11
Cf. Sects. 6.3.2 and 6.3.3.
12
Cf. Sect. 6.3.5–6.3.6.
9.1 The Compliance with Fair Trial Rights in the Single Supervisory Mechanism 363
personnel in charge with the “investigations” (Joint Supervisory Teams) clearly

belongs to the same body that is subsequently adopting the final decision.13
Under the last profile, on the other end, especially problematic appears the duty
for undertakings to cooperate with the SSM investigations established by Articles
10 and 11(a)(b)(c) SSM R and 142 SSM FR, which should be restrictively inter-
preted so as to exclude the possibility for the ECB or NCAs to sanction refusal to
provide self-incriminating information which involve an admission of the existence
of an infringement incumbent upon the ECB to prove.
In this sense, it seems appropriate to introduce in the SSM Regulations a provi-
sion similar to that of Article 9(2) OLAF Regulation, imposing a duty to inform the
undertakings subject to supervisory investigations, and particularly to interviews
under Article 11(1)(d) SSM R, of their rights, including the privilege against
self-incrimination.
This amendment seems necessary even though legal persons (among which
banks) are not yet recognized a level of protection for the right to remain silent
equal to that of natural persons, as showed by Directive 2016/343. Indeed, this dis-
crimination appears, in a long-term perspective, increasingly inconsistent both with
the widespread application of criminal liability upon legal persons in the EU, and
with the case-law of the Court in Strasbourg, which has so far opted for an extensive
application of the rights provided by Article 6 ECHR.14
These procedural lacunas in the SSM enforcement system which risk to cause
major repercussion to the fairness of its sanctioning proceedings, and accordingly
also to the efficiency of the new Eurozone centralised supervision, appear even
more severe considering that currently, contrary to other comparable fields of law
(such as antitrust proceedings), the SSM Regulations do not provide clear legal
basis in the meaning of Article 261 TFEU for the Court of Justice to exercise unlim-
ited jurisdiction over the merit of the sanctions applied by the Mechanism. Indeed,
in light of the ECtHR case-law, as adopted by the CJEU, the existence of an effec-
tive remedy before a body with full judicial review represents the condition upon
which it is possible to deem fair also proceedings which do not fully comply with
all the parameters required by Article 6 of the Convention. The need for this gap to
be addressed is therefore paramount for the resilience of the whole SSM supervi-
sory sanctioning system, to avoid a scenario in which not only credit institutions
(and related natural persons)’ rights are systematically violated when substantially
criminal sanctions are imposed, but also in which each and every sanction imposed
by the ECB, even with the best reasons on the merit, could be invalidated due to
procedural shortcomings.15
Critical considerations regarding the jurisdiction of the Court could be also
drawn with regard to the innovative powers granted to the SSM under Article 9(1)
SSM R, according to which the ECB may instruct competent national authority to
exercise their powers (apparently, from the wording of the provision, without any
13
Cf. Sect. 6.3.1.
14
Cf. Sect. 6.3.6.
15
Cf. Sect. 6.3.3.
364 9 Conclusion
room for discretion for the latter).16 This feature, basically the first case in which
such prerogative has been granted to a European institution, poses substantial issues
concerning the judicial review of the decisions so adopted as, in application of the
CJEU case-law on the matter of composite proceedings, that could bring the Court
of Justice to adjudicate not only upon national law (already a somehow “borderline”
option but present in other European bodies as well17) but also upon acts issued by
national authorities: A step which might even jeopardise the very mechanism of
preliminary ruling.18
Finally, the substantial criminal nature of relevant sanctions imposable by the
SSM according to the Engel criteria raises also critical issues concerning the appli-
cation of the principle of ne bis in idem to double-track punitive systems. This pro-
file remains problematic, although the scope of the double jeopardy clause results
today severely downsized by the ECtHR jurisprudence following the notorious case
A and B v Norway, and, perhaps even more worryingly, by the three 2018 CJEU
decisions that (with a few divergences) seemed to follow its path. Also under this
perspective, indeed,19 the SSM sanctioning powers trigger relevant critical issues
concerning the transnational application of ne bis in idem and again the potential
extension of the CJEU jurisdiction when it is the judge competent to deal with vio-
lations of double jeopardy.20
9.2 T
he Protection of Fundamental Rights (Right
to Privacy) in the Surveillance on Personal (Banking
Digital) Data
With their transnational dimension and the impact of digital technology, surveil-
lance or real-time monitoring investigative techniques represent today one of the
most debated frontiers in the evolution of criminal law and prosecutorial systems,
both in the EU and in the US.
Against a globalised financial and banking system, in which the dematerializa-
tion of services, encouraged and strengthened by the Internet, makes it extremely
hard both to identify breaches of criminal law, and to collect evidence to prove the
latter at trial without using digital technology, introducing a supranational legal
framework regulating banking data surveillance appears increasingly necessary.
16
Cf. Sect. 4.4.1.
17
Cf. Sect. 4.4.1, referring to the case of Article 4(3) SSM R.
18
Cf. Sect. 6.3.3.
19
For a reconstruction of the development, or rather the involution of the European case-law on the
matter of ne bis in idem, see Sects. 2.3.2 and 2.3.3.
20
The critical situations arising under this profile in the SSM legal framework are analysed in Sect.
6.3.7.
9.2 The Protection of Fundamental Rights (Right to Privacy), in the Surveillance on… 365
Taking into account the pervasiveness of such surveillance measures, and their
capacity to severely affect individual and collective fundamental rights, first of all
the right to privacy, however, a cautious but also firm approach needs to be adopted
to establish adequate procedural rules and guarantees.21
In the EU, where the current regulatory state of play appears dramatically inad-
equate and legal basis on the matter are scarce when not inexistent,22 already recog-
nising full application to the criteria developed by the ECtHR under Article 8 of the
Convention, and by the Court of Justice under Articles 7 and 8 CFREU would have
a major impact. Indeed this would require to implement legal basis characterised by
minimum “quality” standards, including a clear definition of: The offences, or the
kind of offences for which a surveillance order may be applied, which should be
limited to serious (also, and especially transnational) crimes; the potential subjec-
tive targets, that should be circumscribed but include legal persons as well (which
also implies the recognition of corresponding defence and privacy rights to these
subjects too); the maximum duration of banking surveillance measures; adequate
guarantees for the storage and destruction of the collected data; public reporting
duties to ensure transparency and accountability; anti-leaking precautions; and,
above all, exclusionary rules in case procedural standards are violated.23
On the other side, the current jurisprudence of the European Courts needs to be
strengthened (lacking a realistic option to change the wording of the Charter) on the
profile of effective remedy. Article 8 CFREU merely requires limitations to the right
to privacy to be supervised by an independent authority, including in this number
not only judicial but also administrative bodies, which however, do not structurally
provide an adequate level of safeguards when it comes to protect the defence rights
of the individuals affected by surveillance measures, especially when information
collected may be used in (substantially) criminal proceedings.24
On a last, but still central profile, an EU legislation on real-time monitoring of
banking data should be guided by a content-shaped approach based on the principle
of technical neutrality, that is the level of safeguards recognized to personal (bank-
ing) data in case of limitation to the right to privacy, should not depend on the spe-
cific technology used to carry out the surveillance, nor on the kind of device where
the data is stored.
This approach is today necessary in dealing with the matter of digital investiga-
tive measures, as it allows regulations to maintain their effectiveness also in times
of great technological changes, preventing them from quickly becoming
obsolete.25
Implementing these rules at the EU level—where so far it has been easier to
agree on the free circulation of prisoners rather than of procedural rules—could find
21
Cf. Sect. 7.3.
22
Cf. Sects. 7.5 and 7.6.
23
Cf. Sect. 8.2.
24
Cf. Sect. 8.3.
25
Cf. Sect. 8.2, sub 7).
366 9 Conclusion
today legal basis in the exigency to facilitate “mutual admissibility of evidence

between Member States”, according to Article 82(2)(a) TFEU.
The competence of the Union to establish “minimum rules” does not however
imply that the latter should contain a “minimum” level of protection, as it too often
occurs in case of extremely compromised solutions.
Especially but not exclusively in the field of personal (banking) data collection,
whose dissemination potentially knows no bounds, the Union and above all its citi-
zens now need, more than ever, clear and effective safeguards that require the cre-
ation of common procedural rules.
It is in this regard that the capability of the Union and of the Member States to
develop an area which can truly be called of “Freedom, Security and Justice” is now
at stake; a test whose results will be essential for the future of us all.

Banking Supervision and Criminal Investigation PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Banking Supervision and Criminal Investigation PDF

Uploaded by

Copyright:

Available Formats

Comparative, European & International Criminal Justice 1

More information about this series at http://www.springer.com/series/16095

ISSN 2524-4558 ISSN 2524-4566 (electronic)

© Springer International Publishing Switzerland and G. Giappichelli Editore 2019

Part I Mapping the Boundaries of an Intricate Playing-Field

Part II Criminal Profiles in Banking Supervision

6.3.6 The Right to Remain Silent in the SSM Legal

Part III Banking Criminal Investigations

ABoR Administrative Board of Review

JIT Joint Investigation Teams

Financial transactions are a crucial element in the undertaking of criminal investiga-

FATF (2012), p. 3.

© Springer International Publishing Switzerland and G. Giappichelli Editore 2019 1

digital technology, the existence of multi-level systems, and an extended use of

See below, Sect. 2.3.

Cf., e.g., Franssen and Ligeti (2017), p. 1 et seq.

© Springer International Publishing Switzerland and G. Giappichelli Editore 2019 9

2.1 The Definition of “Bank” and “Financial Institution”

31 U.S.C. § 5312(2), lett. (W).

From that it derives, that in the EU “banks”—identified stricto sensu as those

concluded that “it is necessary to require legal separation of certain particularly

2.2 Criminal Liability of Legal Persons: A Brief Overview

The increasingly strict connection between administrative and criminal matters is a

As renown, the declaration by the Court in Strasbourg that a certain provision

the consideration that recognizing so “would infringe seriously on the effectiveness

 anaging the Risk of Transnational Bis in idem:

In Europe, as it will be further illustrated, the application of the Engel case-law

Lastly, a third element shall be taken into account, especially in a comparative

Relevant limitations in enforcing the principle of ne bis in idem may be observed

Article 4 which, according to the Protocol, cannot be derogated even in time of

According to the new interpretation, in fact, multiple proceedings concerning the

2.3.3 Enforcing the Principle of Ne Bis In Idem in the EU

it confers on individuals a right which is directly applicable in concrete specific

the Charter only in cases of “severe breach of constitutionally protected principles

2.3.4 Gathering Information Within Multi-Disciplinary

A last profile related to the interconnection of administrative and criminal matters

Against this fragmented background, anyway, also European cooperation net-

2.4 Methodology: Transversal Comparative Approach

© Springer International Publishing Switzerland and G. Giappichelli Editore 2019 85

3.1 The Essential Role of Self-Regulatory Bodies

nificant number of international bodies originated from, or belonging to different

For provisions relevant to real-time monitoring of banking records cf. Chap. 7.

qualification and specialization at the international level, de facto confer them a

The Financial Action Task Force (FATF) is an independent inter-governmental body

professional secrecy applies”–a distinguishing which is not always easy to outline,

3.3 Financial Intelligence Units and the Egmont Group

International cooperation is perhaps the field in which self-regulatory bodies reveal

Other countries, such as Germany (Bundeszollverwaltung-ZOLL), and the UK

At regional level, the contribution of the European Convention on Human Rights

According to Principles 3, supervisory authorities should also be integrated in a

s­ ector; replacing or restricting the powers of managers, Board members or control-

FATF (2015) Annual Report 2014–2015. http://www.fatf-gafi.org/media/fatf/documents/reports/

The theme is analysed in Chap. 6.

© Springer International Publishing Switzerland and G. Giappichelli Editore 2019 109

4.1 From the Financial Crisis to the Banking Union

Authorities; Single Rulebook; Single Resolution Mechanism, and the European

4.2 The European Supervisory Authorities

These authorities, governed by a Board of Supervisors and by a Management

evant information to judicial authorities; and enforcing consumer protection

4.4.1 SSM Supervisory Powers

In particular, Article 16(2) SSM R recognizes the ECB a number of supervisory

4.4.2 SSM Sanctioning Powers

institutions, financial holding companies, or mixed financial holding companies

Part I Mapping the Boundaries of an Intricate Playing-Field

Part II Criminal Profiles in Banking Supervision

6.3.6 The Right to Remain Silent in the SSM Legal

Part III Banking Criminal Investigations

2.1 The Definition of “Bank” and “Financial Institution”

2.2 Criminal Liability of Legal Persons: A Brief Overview

anaging the Risk of Transnational Bis in idem:

2.3.3 Enforcing the Principle of Ne Bis In Idem in the EU

2.3.4 Gathering Information Within Multi-Disciplinary

2.4 Methodology: Transversal Comparative Approach

3.1 The Essential Role of Self-Regulatory Bodies

3.3 Financial Intelligence Units and the Egmont Group

s ector; replacing or restricting the powers of managers, Board members or control-

4.1 From the Financial Crisis to the Banking Union

4.2 The European Supervisory Authorities

4.4.1 SSM Supervisory Powers

4.4.2 SSM Sanctioning Powers

4.4.3 SSM Investigations and Procedures

5.2 The Federal Reserve

5.3 Other US Regulatory Agencies (FDIC, OCC, SEC)

6.1.1 I ndependence and Accountability of Banking

6.3.1 The Right to an Impartial Tribunal

6.3.3 Right to a Full Judicial Review

6.3.4 Right of Legal Assistance and Right to a Public Hearing

6.3.5 The Privilege Against Self-Incrimination

6.3.7 The Protection from Bis In Idem

Scenario (i)—SSM and National Judicial Authorities

Scenario (ii)—NCAs and National Judicial Authorities

Scenario (iii)—SSM and NCAs

cenario (iv)—SSM or NCAs and Other Relevant Administrative National

Scenario (v)—Potentially Critical Profiles Originated Within the SSM

cenario (vi)—Potentially Critical Profiles in the Identification

p articularly in Article 26(5) thereto, frequently reproduced in numerous subsequent

7.3 Measures (iii): Real-time Monitoring of Banking Data