FICOD Reporting: What Financial Conglomerate Supplementary Supervision Means for Prudential Teams

ByOfficer

Last updated: June 2026

The trap with FICOD reporting is that it falls between two stools. The banking team treats it as an insurance problem, the insurance team treats it as a banking problem, and the supplementary return that sits on top of both, the risk concentration and intra-group transactions filing, gets scoped late and built twice. When a coordinator asks why a EUR 350 million intra-group loan was not reported, the answer is usually not bad faith. It is that nobody owned the conglomerate-level view.

Supplementary supervision exists precisely because solo and consolidated supervision do not see the whole picture. A banking group with a large insurance arm can hold capital that looks adequate in the banking consolidation and adequate in the insurance solo accounts, while the same euro of capital quietly supports both. FICOD reporting is how a supervisor catches that. For a prudential reporting officer, getting it wrong means a coordinator dialogue you did not plan for and a remediation timeline you did not budget.

This guide walks through what the Financial Conglomerates Directive actually requires, who files what, and where the operational thresholds bite. It is written for the person who has to build the return, not the person who writes the policy.

Related reading: our guide to macroprudential buffer stacking covers the combined buffer logic that sits alongside conglomerate-level capital.

What FICOD reporting actually covers

The Financial Conglomerates Directive is Directive 2002/87/EC of 16 December 2002 on the supplementary supervision of credit institutions, insurance undertakings and investment firms in a financial conglomerate. It was published in the Official Journal at OJ L 35, 11.2.2003, p. 1, and it has been amended several times since. Practitioners shorten it to FICOD, and the ECB uses the same abbreviation in its own guidance.

The directive does not replace banking or insurance rules. It adds a layer on top. Where a group combines banking and insurance, and sometimes investment services, FICOD asks four questions that sectoral supervision answers only partially. Is there enough capital across both sectors combined, after stripping out capital that is counted twice. Are exposures too concentrated at group level. Are intra-group transactions moving risk around in ways that sectoral returns miss. And does the group have control mechanisms and risk management processes that match its complexity.

Those four areas map to specific articles. Capital adequacy sits in Article 6 and Annex I. Risk concentration sits in Article 7. Intra-group transactions sit in Article 8. Internal control mechanisms and risk management processes sit in Article 9. If you remember nothing else about the directive structure, remember that Articles 6 to 9 are the operational core, and that the reporting you build serves those four headings.

One definitional point trips people up early. The entity at the top of a conglomerate is often a mixed financial holding company, a term defined in Article 2 of FICOD and carried across into the Capital Requirements Regulation. A mixed financial holding company is not a financial holding company and it is not a bank. It is the parent that sits above both the banking and insurance limbs, and it is frequently the entity through which supplementary obligations are met.

When a group becomes a financial conglomerate

A group is not a financial conglomerate just because it owns a bank and an insurer. Article 3 of FICOD sets identification thresholds, and the test is deliberately about balance and significance rather than mere presence.

The core test asks whether the activities of the smallest financial sector in the group are significant. Significance is measured as the average of two ratios: the smallest sector’s share of the group’s total financial-sector balance sheet, and its share of the group’s total solvency requirements. Where that average exceeds 10%, the cross-sectoral activities are presumed significant. There is also an absolute alternative. Where the balance sheet total of the smallest financial sector exceeds EUR 6 billion, significance can be presumed even if the 10% ratio is not met. Article 3 also gives supervisors waiver powers in defined circumstances, so identification is a supervisory determination, not a self-assessment a group makes alone.

This is where teams get the scope wrong. They assume that a small insurance subsidiary inside a large bank can never tip the group into conglomerate status. The EUR 6 billion absolute threshold says otherwise. A subsidiary that is a rounding error in percentage terms can still be large enough in euro terms to bring the supplementary regime into play. Conversely, a group can sit just below the line one year and cross it the next as the smaller sector grows, which is why identification is reviewed annually rather than set once.

The output of that process is public. The Joint Committee of the European Supervisory Authorities, the EBA, EIOPA and ESMA acting together, publishes an annual List of Financial Conglomerates. The 2025 list, reference JC 2025 90, was issued on 10 February 2026 and reflects information received up to 30 October 2025. It names the groups with a head of group in the EU or EEA and identifies the coordinator for each. Large banking-led groups such as BNP Paribas Group, Banco Santander, BBVA, CaixaBank, Groupe BPCE and Bank of Ireland Group appear on it, with the ECB shown as coordinator. If your group appears on that list, check the row footnotes and the coordinator communication. The list is a strong scope signal, but Article 3 or 3a waivers may mean the group is not treated as a financial conglomerate or is not subject to all supplementary-supervision requirements.

The coordinator, and why the ECB sits at the centre

Every financial conglomerate subject to supplementary supervision has a coordinator, appointed from among the competent authorities involved. The coordinator runs the conglomerate-level supervisory relationship: it sets reporting requirements, collects the supplementary returns, and coordinates with the sectoral supervisors of the individual entities. The tasks of the coordinator do not override the sectoral supervisors. They sit alongside them.

For most large euro-area banking-led conglomerates, the coordinator is the ECB. The legal hook is Article 4 of Council Regulation (EU) No 1024/2013, the SSM Regulation, which gives the ECB the task of participating in supplementary supervision and of assuming the coordinator role where it is appointed under the relevant criteria. In practice, if the ECB directly supervises the credit institution at the head of the group as a significant institution, it is usually the coordinator for the conglomerate as well.

That matters operationally because the coordinator, not a delegated regulation, sets your actual thresholds. The ECB has published general expectations, but the final reporting requirement for any individual conglomerate is communicated bilaterally by the ECB after consultation with the other relevant competent authorities. Two conglomerates of similar size can therefore carry slightly different reporting instructions. Reading the ECB guide tells you the default. Reading your own coordinator decision tells you what you actually file.

Supplementary capital adequacy and the double-gearing problem

The capital adequacy calculation under Article 6 and Annex I is the heart of the prudential case for FICOD. Its purpose is to eliminate multiple gearing, sometimes called double-gearing, where the same own funds support a capital requirement in the banking sector and again in the insurance sector. Left uncorrected, a conglomerate can show two healthy solo positions built on one pool of capital.

Annex I provides three calculation methods. Method 1 is based on accounting consolidation. Method 2 is the deduction and aggregation method, which works up from the solo own funds and requirements of each entity and removes intra-group holdings. Method 3 is a combination method, where competent authorities may allow a combination of Method 1 and Method 2. The calculation method must be applied consistently over time. The output is a supplementary own funds figure and a capital adequacy ratio for the conglomerate, calculated in accordance with Article 6 and Annex I. That same conglomerate own funds figure is the denominator for several of the risk concentration thresholds described below, which is why the capital calculation and the RC-IGT return are not separate projects. They share inputs.

A common misreading is that FICOD capital adequacy is a third capital ratio layered on top of the banking and insurance ratios, with its own buffer stack. It is not. It is a sufficiency check that the combined group holds enough qualifying own funds against the combined requirements, with double counting removed. There is no FICOD-specific buffer requirement in the way there is a combined buffer requirement in banking. If you want the banking buffer mechanics, the internal capital adequacy assessment process and the combined buffer stack are separate exercises that feed the banking limb, not the conglomerate calculation.

Reporting significant risk concentrations

Risk concentration reporting under Article 7 is the first half of what practitioners call the RC-IGT return. The binding reporting standard is Commission Implementing Regulation (EU) 2022/2454 of 14 December 2022, the implementing technical standards for supervisory reporting of risk concentrations and intra-group transactions, published at OJ L 324, 19.12.2022, p. 55. The definitions and the coordination of supplementary supervision sit in Commission Delegated Regulation (EU) 2015/2303 of 28 July 2015.

The ECB Guide on Financial Conglomerate Reporting of Significant Risk Concentrations and Intragroup Transactions, published in January 2024, sets out the general thresholds the ECB expects as coordinator. For counterparty risk concentration, the expectation is to report any exposure to a client or group of connected clients above the lower of two thresholds: 10% of the own funds of the financial conglomerate, calculated using the method the group uses for its capital adequacy, or EUR 300 million. The exposure is taken on a gross basis, before risk mitigation. For country and currency concentrations, the trigger drops to 5% of conglomerate own funds, and anything below that line is reported under an aggregate “Other” category rather than dropped. Sector concentration carries no threshold at all: exposures are allocated to sectors and reported in full.

The ECB guide adds a qualitative expectation under its Article 7(3) risk-concentration section. Where the conglomerate reports a single-name exposure exceeding 25% of own funds on a net basis after risk mitigation, it is expected to explain to the coordinator why the exposure is not excessive, with reference to strategy, risk appetite, internal limits and other relevant factors. There is a specific carve-out for assets whose risk is mainly borne by policyholders: a 0.1 multiplying factor can apply where the economic risk is contractually transferred to policyholders, and the amounts before and after that factor are reported in dedicated template cells (the guide names templates FC0250, FC0260 and FC0280). The reporting officer who treats the 25% line as a hard limit rather than an explain-or-justify trigger ends up either over-escalating or, worse, staying silent on a concentration the coordinator expected to hear about.

If you already run COREP large exposures reporting, the instinct is to reuse that population for the conglomerate return. In practice, teams that reuse the COREP large exposures population can miss the insurance limb entirely. Resist it. The large exposures framework measures against banking own funds at the consolidated banking level. FICOD risk concentration measures against conglomerate own funds and includes the insurance limb. The counterparties overlap, the denominators do not, and the thresholds are set by the coordinator rather than by the Capital Requirements Regulation.

Reporting significant intra-group transactions

The second half of the RC-IGT return covers intra-group transactions under Article 8. These are the transfers that move capital, funding, risk or earnings between entities inside the conglomerate, and the framework cares about them because they can quietly relocate risk from a supervised limb to a less visible one, or out toward parties linked only by close links.

The ECB guide sets thresholds that scale with the size of the conglomerate. For equity-type transactions, debt or asset transfers, derivatives, off-balance-sheet and contingent liabilities, and insurance or reinsurance transactions, the expectation is to report each transaction at or above the lower of 5% of the conglomerate’s total capital adequacy requirements or EUR 300 million, where those requirements are at or below EUR 40 billion. Where capital requirements exceed EUR 40 billion, the single threshold becomes EUR 1 billion. Profit and loss transactions are reported where their absolute value is at least 5% of the conglomerate’s total revenues on a consolidated basis.

The reporting window is broader than a single snapshot. The return captures transactions in force at the start of the reporting period, transactions initiated during the period and still in force at the reference date, and transactions initiated and matured within the period. The amount reported is the maximum registered during the period, not the closing balance. Transactions executed as part of a single economic operation are aggregated for threshold assessment and reported individually if together they meet one of the thresholds. To stop a one-off spike pushing a group over a line, the coordinator may agree to assess capital requirements on a three-year average.

When a conglomerate’s intra-group population is mapped against these thresholds, the surprise is often not the visible equity injections. It is the profit and loss line. Recurring intra-group service fees and reinsurance flows that nobody thought of as a reportable transaction crossed the 5% of revenues test once they were aggregated across the year. That is the recurring lesson: the intra-group return is an as-it-moved measure, not an as-at measure, and teams that build it from a period-end ledger miss exactly the transactions the framework is designed to surface.

Two scope points are worth stating plainly because they are easy to get wrong. First, the ECB guide indicates that purely intra-sectoral transactions, between two regulated entities in the same financial sector, are generally not expected to be reported unless the coordinator asks, with one notable exception: transactions between an asset management company and a credit institution are generally treated as relevant. Second, beyond the numeric thresholds, Article 8(3) allows quantitative limits, qualitative requirements or other supervisory measures, and the ECB guide expects intra-group transactions to be performed at arm’s length where Member States have delegated that power to competent authorities. Information on the management of conflicts of interest and risks of contagion is expected to be reported together with the legal structure and governance information filed under Article 9(4). The numbers are only part of the return.

The Danish Compromise and why solo-plus supervision matters

FICOD does not work alone. It interacts with how a bank treats its insurance holdings under the Capital Requirements Regulation, and the most discussed point of contact is the so-called Danish Compromise. Under Article 49 of the CRR, a competent authority may permit an institution not to deduct its holdings of own funds instruments in insurance undertakings, reinsurance undertakings and insurance holding companies from its own funds, where the group is supervised as a financial conglomerate and defined conditions are met. Instead of being deducted, the holding is risk-weighted.

Article 49 CRR permits the non-deduction treatment only subject to supervisory permission and the conditions in the current CRR text. Prudential teams should verify the current consolidated Article 49 wording and applicable risk-weight treatment before modelling the capital effect. The point that matters for supervision is the one the ECB itself has flagged: not deducting the insurance stake leaves it on the balance sheet as a risk-weighted asset, which creates a more direct transmission channel between insurance market movements and the bank’s regulatory capital metrics. ECB Supervisory Board member Anneli Tuominen made exactly this point in a 5 June 2026 speech to the Pan-European Conglomerate Club, describing how the same capital can be used twice to cover the bank and the insurance arm, and why the Danish Compromise sharpens rather than removes that sensitivity.

This is the heart of what supervisors call solo-plus supervision. Prudential requirements are applied at the level of individual legal entities, so risk is addressed where it arises, and that base is then supplemented with group-level oversight, cross-authority cooperation and limits on intra-group exposures. It is not full group consolidation across banking and insurance, and it is not a single combined capital regime. Understanding that the framework is solo requirements plus a supplementary overlay, rather than one consolidated whole, explains why your conglomerate return looks the way it does. For the capital efficiency mechanics that CRR3 changed in parallel, our CRR3 output floor phase-in guide covers the broader recalibration.

Where the framework is heading in 2026

Three developments are worth tracking, and each has a different status, so do not blur them together.

First, codification. On 17 February 2026 the European Commission published COM(2026) 74 final, a proposal to codify Directive 2002/87/EC. Codification consolidates a directive that has been amended many times into a single clean text without changing the substance. The proposed codified title is broader than the 2002 original, extending expressly to asset management companies and alternative investment fund managers alongside credit institutions, insurance and reinsurance undertakings and investment firms. This is a tidying exercise, not a reform, and it does not by itself change a single reporting threshold.

Second, integrated reporting. In the same 5 June 2026 speech, the ECB pointed to work on a more integrated reporting framework, including a fully integrated European reporting system, a supervisory tolerance margin for errors based on a materiality concept, and an inventory of non-market-sensitive reporting requirements. The ECB noted that conglomerates would particularly benefit, given that they report to several authorities. None of this is in force. It is direction of travel, and it belongs in your horizon scanning rather than your build plan.

Third, the buffer and integration agenda. The same speech revived proposals to merge five macroprudential buffers into two, to complete the banking union including a European deposit insurance scheme, and to address regulatory gaps between banks and non-banks. These are policy positions, not adopted rules. A reporting team should read them as a signal that the conglomerate-level capital and buffer picture is under active review, and should keep its view of the ECB supervisory priorities current, while changing nothing in its current returns until the law does.

Frequently Asked Questions

Is FICOD reporting a separate return from COREP and FINREP?

Yes. The supplementary risk concentration and intra-group transactions filing, built under Commission Implementing Regulation (EU) 2022/2454, is a distinct conglomerate-level return collected by the coordinator. It draws on the same underlying data as COREP and FINREP, but it measures against conglomerate own funds and includes the insurance limb, so it cannot simply be carved out of the banking returns. Our COREP reporting guide covers the banking own funds side that feeds part of the inputs.

Who actually files the supplementary return?

The obligation sits at conglomerate level and is typically met through the regulated entity or the mixed financial holding company at the head of the group, as directed by the coordinator. The coordinator communicates the precise reporting requirement bilaterally. The ECB guide sets general expectations, but the binding instruction for your group is the coordinator decision.

What thresholds make a risk concentration reportable?

For counterparty concentrations, the ECB general expectation is to report exposures above the lower of 10% of conglomerate own funds or EUR 300 million, on a gross basis. Country and currency concentrations use a 5% of own funds trigger, and sector concentrations are reported without a threshold. A single-name exposure above 25% of own funds, measured net, triggers an explanation to the coordinator under Article 7(3).

How are intra-group transaction thresholds set?

For equity-type, debt, asset transfer, derivative, off-balance-sheet and insurance transactions, the ECB general expectation is to report at or above the lower of 5% of total conglomerate capital adequacy requirements or EUR 300 million where requirements are at or below EUR 40 billion, and EUR 1 billion where they exceed EUR 40 billion. Profit and loss transactions are reportable at 5% of total consolidated revenues. The amount reported is the maximum registered during the period.

What is the Danish Compromise in plain terms?

It is the Article 49 CRR permission that lets a bank in a financial conglomerate risk-weight its insurance holdings instead of deducting them from own funds, subject to supervisory permission and conditions. Prudential teams should check the current consolidated Article 49 wording and applicable risk-weight treatment before modelling the capital effect. It improves capital efficiency but keeps the bank’s capital metrics more directly exposed to insurance-sector movements.

Does FICOD create a separate capital buffer?

No. Article 6 and Annex I produce a supplementary capital adequacy check that the combined group holds enough qualifying own funds against combined requirements, with double-counted capital removed. There is no FICOD-specific combined buffer requirement. The macroprudential buffer stack applies to the banking limb separately.

How do I know if my group is a financial conglomerate?

Identification is a supervisory determination under Article 3, but the practical signal is the annual List of Financial Conglomerates published by the Joint Committee of the EBA, EIOPA and ESMA. If your group is named, with a coordinator assigned, supplementary supervision generally applies and you should expect a coordinator reporting instruction, subject to any Article 3 or 3a waiver.

Related Articles

Key Takeaways

  • FICOD, Directive 2002/87/EC, adds supplementary supervision on top of banking and insurance rules across four areas: capital adequacy (Article 6), risk concentration (Article 7), intra-group transactions (Article 8) and internal control mechanisms (Article 9).
  • A group becomes a financial conglomerate under Article 3 when the smallest financial sector exceeds the 10% significance test or when its balance sheet total exceeds EUR 6 billion, subject to supervisory determination and waivers.
  • Every conglomerate has a coordinator. For most large euro-area banking-led groups it is the ECB, under Article 4 of the SSM Regulation, and the coordinator, not a delegated regulation, sets your actual reporting thresholds.
  • The supplementary capital calculation eliminates double-gearing using one of the three methods set out in Annex I. It is a sufficiency check, not a third buffered capital ratio.
  • The RC-IGT return, built under Commission Implementing Regulation (EU) 2022/2454, reports significant risk concentrations and intra-group transactions against conglomerate own funds, with ECB general thresholds set out in its January 2024 guide.
  • Intra-group transaction reporting is an as-it-moved measure: it captures the maximum amount during the period and aggregates single economic operations, so a period-end ledger will under-report.
  • The Danish Compromise (Article 49 CRR) lets a conglomerate bank risk-weight insurance holdings rather than deduct them, subject to supervisory permission and the conditions in the current CRR text, increasing capital efficiency but tightening the link to insurance-market movements.
  • The 17 February 2026 codification proposal COM(2026) 74 is a clean-up of the directive, not a reform, and changes no reporting threshold on its own.

Sources and References

Build the conglomerate view before the coordinator asks

The reporting officers who handle FICOD well are the ones who treat the conglomerate as a single supervised object rather than a bank with an insurance attachment. They own one conglomerate own funds figure that feeds both the capital adequacy calculation and the risk concentration thresholds. They build the intra-group return from transaction flow, not from a period-end ledger. And they keep their coordinator decision next to the ECB guide, because the guide tells them the default and the decision tells them the rule. Do that, and the supplementary return stops being the filing that falls between two stools.

Disclaimer: The information on RegReportingDesk.com is for educational and informational purposes only. It does not constitute legal, regulatory, tax, or compliance advice. Always consult your compliance officer, legal counsel, or the relevant supervisory authority for guidance specific to your institution.

Similar Posts