Key Regulatory Topics: Weekly Update 26 Aug - 2 Sept 2021

Consumer/Retail

Please see the Payment Systems and Payment Services section for the UK Finance announcement that HMT and the FCA have decided to raise the contactless limit from £45 to £100 from 15 October.

Pre-paid funeral plan firms can now apply for authorisation

On 1 September, the FCA announced that pre-paid funeral plan providers can now apply for authorisation. The FCA explains that these firms, in order to continue offering pre-paid funeral plans after 29 July 2022, will need to apply for direct authorisation, whilst intermediaries can apply either directly or become an appointed representative of an authorised firm. The FCA sets out what a firm needs to evidence in an application and factors to consider when applying. The FCA encourages firms to apply as soon as possible to allow time before 29 July 2022 for the application to be assessed. If pre-paid funeral plan providers do not intend to apply for authorisation, the FCA requests that these firms contact them. 

Webpage

FCA portfolio letter to loan-based P2P crowdfunding platforms

On 26 August, the FCA published a letter sent to the Board of Directors of loan-based P2P crowdfunding platforms, dated 25 May 2021. The FCA: (i) set out its view of the key risks P2P platforms pose to their customers or the markets in which they operate; (ii) outlines its expectations of P2P firms, including how firms should be mitigating these key risks; and (iii) describes its supervisory strategy to ensure that firms are meeting its expectations, and harms are being remedied. The FCA identifies four areas of potential harm for investors (i.e. lenders) in the P2P sector: (a) the secondary markets for loans, and associated risk management obligations; (b) wind-down plans (WDPs), their triggers, and liquidity monitoring; (c) disclosure of loan performance during periods of loan forbearance, and the use of contingency funds; and (d) unclear platform fees, charges and priority over recoveries. The FCA asked firms to complete and return a wind-down plan funding assessment within three weeks and notify it immediately if they are unable to demonstrate their compliance with any of the specific rules that the FCA has outlined in the letter. The FCA asks firms to take the appropriate action to ensure that they are delivering fair outcomes for consumers and confirms that it will continue to intervene should it see failures in this regard.

Letter

European Data Protection Supervisor opinion on proposed Consumer Credit Directive II

On 26 August, the European Data Protection Supervisor (EDPS) published an opinion on the EC’s legislative proposal for a Directive on consumer credits to revise and replace the Consumer Credit Directive (CCD II). The EDPS notes that the proposal has a clear impact on the protection of individuals’ rights and freedoms with regard to the processing of personal data, in particular in light of the provisions concerning creditworthiness assessment, personalised offers on the basis of automated processing and the use of personal data in the context of advisory and other activities. To promote fair access to credit and data protection, the EDPS recommends clearly delineating the categories and sources of personal data that may be used for the purpose of creditworthiness assessment. The EDPS also recommends explicitly prohibiting the use of any special categories of personal data under Article 9 of the GDPR. Taking into account the possible adverse consequences for the persons concerned, the EDPS considers that the requirements, role and responsibilities of credit databases or third parties providing ‘credit scores’ should be addressed. Further clarifications should also be provided regarding the situations where consultation of external sources is necessary and proportionate. Consumers should always receive meaningful prior information whenever their creditworthiness assessment is based on automated processing. Where the creditworthiness assessment involves the use of profiling or other automated processing of personal data, consumers should be able to request and obtain a human assessment. As regards personalised offers on the basis of automated processing, the EDPS recommends introducing the obligation for the creditor to provide clear, meaningful and uniform information about the parameters used to determine the price. Moreover, the EDPS encourages the legislator to clearly delineate the categories of personal data that may be used as parameters to draw up a personalised offer. The EDPS recommends explicitly confirming the full applicability of the GDPR to any processing of personal data falling within the scope of the proposal. Having regard to the Proposal for an AI Act, the EDPS recommends ensuring that the relevant consumer credit and data protection rules are integrated as part of the (third-party) conformity assessment process prior to CE marking.

Opinion

Financial crime

FCA reminds firms about potential financial crime risks linked to Afghanistan

On 31 August, the FCA published a statement on potential financial crime risks linked to the recent developments in Afghanistan. While Afghanistan is not currently listed as a high-risk jurisdiction in Schedule 3ZA of the MLRs, firms are required by Regulation 33(1)(a) to apply risk sensitive enhanced due diligence measures where there is a high risk of ML/TF, Regulation 33(6) sets out factors that firms may use in their assessment including, but not limited to, country risks. The FCA expects firms to consider the impact of these developments on their AML policies and procedures in a risk-based manner, and to take the steps necessary to ensure they continue to meet their legal and regulatory AML and reporting obligations. Specifically, firms should: (i) ensure that they appropriately monitor and assess transactions to Afghanistan to mitigate the risks of their firm being exploited to launder money or finance terrorism; and (ii) continue to ensure that suspicious activity is reported to the UK Financial Intelligence Unit (UKFIU) at the National Crime Agency (NCA) and that they meet their obligations under MLRs and TF legislation. The FCA notes that sanctions are already in place in respect of Afghanistan and that firms should continue to screen against the UK Sanctions List and in particular the regime specific list for Afghanistan.

Statement

Markets and markets infrastructure

FCA and JFSA framework of cooperation on supervision and enforcement of CRAs

On 26 August, the FCA and the Japanese Financial Services Authority of Japan (JFSA) published letters, which set out a cooperation framework agreed between the authorities regarding the supervision and enforcement of CRAs. The framework covers issues including: (i) applications of cross-border CRAs for registration and the ongoing supervision of cross-border CRAs; (ii) supervisory or enforcement actions against cross-border CRAs; and (iii) information-sharing, requests for assistance and consultation on matters of common concern. The letters state that the framework satisfies the requirements of Articles 34 and 35 of the UK CRA Regulation, which set out obligations for the FCA concerning co-operation agreements on the exchange of information with the supervisory authorities of third countries.

FCA letter

JFSA letter 

Payment systems and payment services

Contactless limit to increase to £100 from 15 October

On 27 August, UK Finance announced that HMT and the FCA have decided to raise the contactless limit from £45 to £100 from 15 October. Given the number of terminals which will need to be updated to accept the new limit, UK Finance notes that it will take some time to be introduced across all retailers. 

Press release 

Prudential regulation

Please see the Sustainable Finance section for a study commissioned by the EC, which assesses current practices for integrating ESG factors into the EU banking prudential framework as well as into banks' risk management, business strategies, and investment policies.

Sustainable finance

EC study on development of tools and mechanisms for integration of ESG factors in EU banking prudential framework

On 27 August, the EC published a study assessing current practices for integrating ESG factors into the EU banking prudential framework as well as into banks' risk management, business strategies, and investment policies. Its main purpose is to enhance the understanding of ESG risks and their relevance within the financial system. It provides a comprehensive overview of current practices and identifies a range of best practices for the integration of ESG risks within banks’ risk management processes and prudential supervision. It outlines challenges and enabling factors associated with the development of a well-functioning EU market for green finance and sustainable investment. The findings include that: (i) ESG integration is at an early stage, and the pace of implementation needs to be accelerated in order to achieve effective ESG integration into banks’ risk management and business strategies, as well as prudential supervision. To support this acceleration, enhancements are particularly required on ESG definitions, measurement methodologies, and associated quantitative indicators; (ii) a lack of adequate data and common standards remain key challenges to be overcome to drive ESG integration; and (iii) cross-stakeholder collaboration, as well as supervisory initiatives and guidance, will be critical in tackling this global and pervasive topic.

Study webpage

Other developments

PRA response to HMT letter on remit, recommendations and priorities 

On 1 September, the PRA published its response to HMT’s March 2021 letter which set out its remit, priorities and recommendations for the PRA. In its response, the PRA summarises its recent activity with regards to, amongst other things, banking resilience and the Covid-19 pandemic, Brexit, Basel III reforms and its review of the capital regime for credit unions. The PRA states that the Prudential Regulation Committee (PRC) will take into account the Government's economic programme and the recommendations set out in the letter when considering how to exercise the PRA’s general functions. The PRA also welcomes the new recommendation that the PRC should, where relevant and practical, have regard to the Government’s commitment to achieve a net-zero economy by 2050 when considering how to advance its objectives and discharge its functions. The PRA notes that it has recognised the risks posed by climate change and the transition to a net-zero economy to the safety and soundness of the firms it regulates for some time and in response has instigated a number of initiatives. 

Response