Key Regulatory Topics: Weekly Update 6 - 12 Jan 2023
13 January 2023
This week, the PRA sent letters to deposit-takers, and international banks that are active in the UK, outlining its supervisory priorities for the coming year, while the FCA set out its supervisory strategy for wholesale brokers. In the EU, the EBA published its peer review on the implementation of the EBA guidelines on authorisation and registration of payment institutions and e-money institutions under PSD2, while the European Parliament indicated that it plans to consider MiCA and the Revised Recast WTR during its April plenary session.
Corrigendum to PRIIPs Delegated Regulation (EU) 2021/2268 published in OJ
On 12 January, a Corringedum to Delegated Regulation (EU) 2021/2268 amending the RTS laid down in Delegated Regulation (EU) 2017/653 as regards the underpinning methodology and presentation of performance scenarios, the presentation of costs and the methodology for the calculation of summary cost indicators, the presentation and content of information on past performance and the presentation of costs by packaged retail and insurance-based investment products (PRIIPs) offering a range of options for investment and alignment of the transitional arrangement for PRIIP manufacturers offering units of funds referred to in Article 32 the PRIIPs Regulation as underlying investment options with the prolonged transitional arrangement laid down in that Article, was published in the OJ. The Corrigendum amends the wording of the title that previously omitted part of the reference number.
FCA and PRA consult on FSCS Management Expenses Levy Limit 2023/24
On 12 January, the FCA and PRA began consulting on proposals for the annual Management Expenses Levy Limit (MELL) for the FSCS for the financial year 2023/24. The proposed MELL for 2023/24 is £109.8 million, consisting of the FSCS management expenses budget of GBP99.8 million, and an unlevied reserve of GBP10 million. The proposed MELL is GBP0.7 million lower than the 2022/23 MELL and would apply from 1 April, the start of the FSCS’s financial year, to 31 March 2024. The FSCS is currently forecasting an underspend of GBP6.3 million compared to the 2022/23 management expenses budget. If this forecast materialises these funds will be used to offset the levy for the relevant classes in 2023/24. The FSCS’s compensation costs levy, which covers compensation paid to consumers, is determined separately by the FSCS and does not form part of the consultation. The deadline for comments is 9 February. The FSCS has also published its Budget Update, which confirms that the total levy for 2023/24 remains, as forecast, at GBP478 million.
Financial crime and sanctions
EP Committee adopts report on proposed Directive on access to bank account registries through single access point
On 12 January, the EP announced that its Committee on Civil Liberties, Justice and Home Affairs has adopted its report on the proposed Directive amending Directive (EU) 2019/1153 as regards access of competent authorities to centralised bank account registries through the single access point. It mandates EU Member States to ensure that the information from centralised registries is available through a single access point to be developed and operated by the EC. This way, competent authorities can quickly establish if an individual holds accounts in several EU countries without multiple time-consuming queries. MEPs emphasise the importance of respecting an individual’s right to privacy, and the principle of data minimisation. They also highlight the need to gather bank account information proportionally to the needs of a specific ongoing investigation, and emphasise that searches in the centralised bank registries should only be allowed in cases where the authorities would be allowed to conduct a similar search in national registries. Next, the full house of the EP will be asked to endorse the mandate for negotiations.
ESAs identify good practices for financial education initiatives on scams, fraud and cyber security
On 12 January, the ESAs published a joint thematic report on national financial education initiatives on digitalisation, with a focus on cybersecurity, scams, and fraud. The ESAs explain that access to digital channels and digital infrastructure has become a prerequisite for consumers to make use of financial services, and this trend has intensified in the context of the Covid-19 pandemic. Against this backdrop, the ESAs highlight the fact that without appropriate digital financial skills and the ability to ensure their cybersecurity, consumers are more at risk of becoming victims of scams and fraud. The ESAs identify 12 good practices that national competent authorities (NCAs) and other public entities can follow when designing and implementing their financial education initiatives, which include to: (i) publish a blacklist of fraudulent providers to help digitally literate consumers properly assess the financial risks arising from financial products and services linked to new technologies, such as cryptoassets; (ii) reach technology-averse consumers not only through digital, but also non-digital, channels and teach them how to use digital tools to access financial services safely; (iii) work closely with teachers to understand their specific educational needs, as well as help them develop and test adequate educational material, so that they can serve as multipliers of students’ financial education; (iv) package financial education initiatives appropriately to increase their reach, for instance by including entertaining elements, such as games. This can help consumers acquire relevant knowledge as well as some practical experience in handling financial matters, thereby creating a deeper and more appealing learning experience; and (v) apply search engine optimisation to ensure that NCAs’ financial education websites appear among the first search results when consumers look for information on specific financial subjects.
Six largest banking providers complete implementation of Open Banking Roadmap
On 12 January, the CMA announced that, following a report from the Open Banking Implementation Entity (OBIE), the six largest banking providers have implemented all the requirements of the Open Banking Roadmap. The OBIE has also completed the outstanding items that were identified in its August 2022 status update. As a result, the CMA has determined that the implementation phase of the Open Banking Roadmap is substantially complete. The six banking providers have continuing obligations under the CMA’s Retail Banking Order, to allow customers to access their data securely and benefit from Open Banking. The OBIE will continue its work to ensure that the three remaining major banks that have not implemented all of the requirements of the Open Banking Roadmap do so as soon as feasible. To support the OBIE in this, the CMA will consider enforcement action as appropriate to ensure this happens in a timely way. The Joint Regulatory Oversight Committee, comprising HMT, the CMA, the FCA and the PSR, will take Open Banking forward and will be setting out its recommendations on the design of the future Open Banking entity in Q1 2023.
UNIDROIT consultation on draft principles on digital assets and private law
On 10 January, the International Institute for the Unification of Private Law (UNIDROIT) began consulting on a set of Draft Principles and Commentary on Digital Assets and Private Law. The Principles are designed to facilitate transactions in certain digital assets often used in commerce. It is intended that the Principles will provide guidance to principals in the transactions covered by these Principles, their advisors, and the courts and others who will consider the legal effects of these transactions. The Principles are technology and business model neutral and also jurisdiction neutral. The purpose of the consultation is to: (i) raise awareness about the instrument; (ii) ensure that the instrument is well suited to application in different contexts, including both civil law and common law jurisdictions as well as developing economies, emerging markets, and developed economies; and (iii) seek feedback from parties engaged in the digital asset industry, on whether the instrument sufficiently addresses the private law issues that arise in transactions related to digital assets, and to entities providing services related to digital assets. The deadline for comments is 20 February.
UK Forum for Digital Currencies established
On 11 January, UK Finance announced that, together with four other associations, it has established a new UK Forum for Digital Currencies (UK FDC) to enable discussion and collaboration around the industry’s response to digital currency developments in the UK. This includes the potential for a CBDC, as well as the regulatory approach to stablecoins and other variable value cryptoassets. The UK FDC’s priorities include to: (i) develop a common terminology which embraces existing definitions used in the sector into a single lexicon; (ii) recommend high-level domestic standards and policies that can both influence and work in conjunction with the emerging international ones; (iii) facilitate discussion and engagement between the UK existing financial services and the crypto industry to help reduce the barriers between and increase mutual understanding of rules and processes; and (iv) develop and promote a series of thought leadership events to educate law and policymakers on the benefits coming from this emerging sector that can help the government to deliver growth and attract investments. The four other members of the UK FDC are the City of London Corporation, Digital Pound Foundation, The Payments Association, TheCityUK, and UK Finance.
EP to consider MiCA and revised recast WTR in April
On 11 January, the EP updated its procedure files on the proposed Regulation on markets in cryptoassets (MiCA), and on the proposed Regulation on information accompanying transfers of funds and certain cryptoassets (revised recast WTR), to indicate that it intends to consider the proposed Regulations during its plenary session to be held from 17-20 April. The files previously indicated that the EP intended to consider the proposed Regulations in February.
DRCF extends deadline for comments on 2023/24 workplan
On 9 January, the Digital Regulation Cooperation Forum (DRCF) extended the deadline for responding to the call for input on its 2023/2024 workplan from 6 January until 27 January. The DRCF brings together the CMA, Ofcom, the ICO, and the FCA to deliver a coherent approach on digital regulation.
EP to consider amendments to ELTIF Regulation on 13 February
On 12 January, the EP updated its procedure file on the proposed Regulation amending the European Long-Term Investment Funds (ELTIF) Regulation to indicate that it intends to consider the proposed Regulation during its plenary session on 13 February. The procedure file previously indicated that the EP intended to consider the proposed Regulation on 1-2 February.
ELTIF Amending Regulation file
Markets and markets infrastructure
Please see the ‘Other Developments’ section for the five EEA Joint Committee Decisions amending Annex IX (Financial Services) to the EEA Agreement which have been published in the OJ.
FCA consults on streamlining transparency rules on structured digital reporting of annual financial statements
On 12 January, the FCA began consulting on changes to streamline its rules that require in-scope
companies with securities admitted to UK regulated markets to prepare, publish and file with the FCA their annual financial report in an electronic format, and for the financial statement within it to be in a ‘structured digital format’. Structured digital reporting can improve transparency of market disclosures by applying digital ‘tags’ or ‘labels’ to the information to enable easier comparison and extraction of data. The FCA proposes: (i) simplifying the arrangement of its existing requirements by revoking the Technical Standard (where they are currently set out), and putting the key provisions directly in the Disclosure, Guidance and Transparency Rules (DTRs); (ii) introducing a new rule in the DTRs requiring issuers to tag their annual financial statements using a ‘generally accepted taxonomy’ for annual corporate reporting in UK regulated markets. The FCA also proposes removing some unnecessary provisions and making other minor changes and clarifications; and (iii) issuing new guidance on ‘generally accepted taxonomies’ in a new Technical Note. The FCA explains that it will be able to keep this updated more quickly than has been possible in updating the permitted taxonomies in the Technical Standard. The deadline for comments is 24 February.
FCA portfolio letter on supervision strategy for wholesale brokers
On 11 January, the FCA published a portfolio letter on its supervisory strategy for wholesale brokers. The FCA sets out its view of the most important risks arising from wholesale brokers, what it thinks drives those risks, and its supervisory focus for the next two years. The FCA has seen gradual improvement in inherent conduct risks facing the sector, however wholesale broking firms generally continue to be behind others in stopping poor conduct and improving culture. Holistically, too often, firms’ control functions are not properly resourced or empowered to effectively challenge the business, resulting in compliance controls that are inadequate for effective risk management. The FCA’s key areas of focus are: (i) financial resilience – firms should review the level of liquidity that they hold under the IFPR and ensure that their assessment is commensurate with the risks they face. Firms should seek to model stress events in more extreme, or reverse stress scenarios, and consider what they might need, or need to provide in these circumstances, and test what can be done to reduce vulnerability in those events; (ii) remuneration structures – Boards and CEOs should ensure that their remuneration structures comply with the new IFPR remuneration requirements. Fixed and variable remuneration must be appropriately balanced, with fixed salaries making up a sufficiently high proportion of total remuneration. In 2023, the FCA will focus on ensuring that firms are appropriately applying deferrals, malus and clawback when remunerating relevant staff; (iii) governance and culture – firms should continue to embrace the SMCR to promote good decision making and individual accountability, and with an understanding that the nature of their business means that relatively junior employees (in terms of traditional hierarchy) can expose broking firms to significant risk of harm to the firm, their clients and the market more broadly. To avoid conduct risk, firms should properly take into account regulatory references when hiring new certified staff and consider appropriate risk mitigations with any individuals where adverse information comes to light in the hiring process; and (iv) control functions – brokers commonly have weak systems and controls relating to financial crime and market abuse mitigation. Firms should continue to develop safeguards to mitigate these risks. By the end of February, the FCA expects all CEOs to have discussed this letter with their fellow directors and/or Board and to have agreed actions and/or next steps.
FCA Market Watch 72
On 11 January, the FCA published Market Watch 72. The FCA outlines its recent findings on the quality of service provided by Approved Publication Arrangements (APAs) and Approved Reporting Mechanisms (ARMs), collectively known as Data Reporting Services Providers (DRSPs), to clients who use a DRSP to meet their MiFID II regulatory reporting obligations. Overall, feedback from clients on their DRSP customer experience was positive. However, the FCA has identified some common themes in the responses: (i) connectivity – DRSPs should keep clients affected by connectivity issues appropriately informed throughout the identification and remediation process; (ii) data quality – the factors listed in Article 10(5) of onshored RTS 13 that APAs should consider when identifying information that is likely to be erroneous are non-exhaustive. Good practice involves having other checks for report content that is likely to be erroneous. Article 11(1) of onshored RTS 13 requires ARMs to have arrangements to identify transaction reports that are incomplete or contain obvious errors caused by clients. ARMs are encouraged to implement other checks and validations beyond those set out in the FCA’s validation rules where they have assessed this will improve the data quality of their submissions; (iii) fees – the FCA expects DRSPs to set fees to ensure clients are getting good value for money; (iv) unregulated services – DRSP clients should perform due diligence on the unregulated services that their DRSP offers to ensure their own compliance with accuracy and completeness requirements for their MiFID II post-trade regulatory reporting. Where DRSPs or their wider group offer unregulated ancillary services, DRSPs should distinguish these services clearly to clients; (v) barriers to switching – DRSPs are encouraged to review onboarding and offboarding procedures to ensure they do not cause any unnecessary friction and to disclose information about the overall process, timelines, and any costs; and (vi) overall customer experience – where clients raise issues, DRSPs should resolve these as soon as possible, keeping clients informed throughout the remediation process. The FCA expects DRSPs to have the right staff, systems, policies, and procedures to ensure they provide high quality data reporting services to all clients.
EC summary of responses to consultation on third country benchmarks regime
On 10 January, the EC published a report providing an overview of the results of the targeted consultation on the regime applicable to the use of benchmarks administered in a third country. Key findings include: (i) there is broad support for the reform of the BMR third country regime towards a narrower scope, covering only a designated set of benchmarks; (ii) a small majority of benchmark administrators indicated that they are planning to change their status under the BMR in light of the entry into application of the rules for third country benchmarks as they currently stand, while significant minorities either do not know yet or have no such plans; (iii) there continues to be significant uncertainty around the future availability of many non-EU benchmarks. In many cases, administrators whose benchmarks are not yet BMR-compliant have not yet systematically informed their EU users of their intentions to comply; (iv) 89% of benchmark users considered that there will be an impact (severe, medium or some) of the entry into application of the rules on third country benchmarks in the BMR on their activities, or that some of their activities might become unsustainable. Nearly 80% also anticipate competitive disadvantages vis-à-vis competitors that are not supervised entities within the scope of the BMR if the third country “market-access” rules for benchmarks enter into application without changes in 2024; (v) respondents agreed that ESMA should be responsible for supervising strategic non-EU benchmarks; (vi) 80% of the respondents considered that the internal scope of the BMR requires amendment along similar lines as the third country rules to ensure a level playing field; (vii) respondents broadly agreed that EU Climate Benchmark labels should be open standards, accessible to EU, as well as non-EU, administrators. There was a slight preference that ESMA retain direct supervision of third country administrators; and (viii) several respondents were concerned that the current timeline, with a report from the EC due by 15 June would de facto require that the EC further suspend the entry into application of the third country rules until 1 January 2026.
Payment services and payment systems
EBA peer review on authorisation under PSD2
On 11 January, the EBA published its peer review on the implementation of the EBA Guidelines on authorisation and registration of payment institutions and e-money institutions under PSD2. Generally, the EBA found that there was increased transparency and consistency of the information required in the authorisation process. Overall, competent authorities have largely or fully applied the Guidelines. However, divergent practices were identified in relation to: (i) the assessment of business plans, applicants’ governance arrangements and internal control mechanisms; (ii) applicants’ compliance with PSD2 requirements on ‘local substance’; (iii) competent authorities’ assessment and the degree of scrutiny of applications. The average duration of the overall authorisation process ranges from four to 20 months or more across competent authorities. The quality of applications and applicants’ timeliness in addressing issues identified appear to be key reasons for delay, but different timelines set out in national laws and different procedural approaches in the acceptance and assessment of applications also cause variations in duration. The review, therefore: (a) sets out follow-up measures for specific competent authorities on how they should improve practices to fully implement the Guidelines. Follow-up measures are also set out for all competent authorities in key areas. The EBA will review the implementation of these measures in two years’ time; (b) concludes that any future review of the Guidelines should provide more detailed guidance on how the proportionality principle should be applied in assessing the suitability of shareholders with qualifying holdings; and (c) recommends that the EC clarifies, as part of its ongoing PSD2 review process, the delineation between the different categories of payment services and e-money issuance, the applicable governance arrangements for institutions, including the criteria that competent authorities should use in assessing the suitability of management, and what having sufficient local substance requires.
Corrigenda to Delegated and Implementing Regulations on authorisation applications under CRD IV published in OJ
On 12 January, two Corrigenda amending a Delegated and an Implementing Regulation supplementing the CRD IV were published in the OJ: (i) Corrigendum to Delegated Regulation (EU) 2022/2580 supplementing the CRD IV with regard to RTS specifying the information to be provided in the application for the authorisation as a credit institution, and specifying the obstacles which may prevent the effective exercise of supervisory functions of competent authorities. The Corrigendum inputs the application date of 18 July; and (ii) Corrigendum to Implementing Regulation (EU) 2022/2581 laying down ITS for the application of the CRD IV with regard to provision of information in applications for authorisation of a credit institution. The Corrigendum inputs the OJ reference number of Delegated Regulation (EU) 2022/2580 and the application date of 18 July.
Corrigendum to Delegated Regulation (EU) 2022/2580
Corrigendum to Implementing Regulation (EU) 2022/2581
PRA Dear CEO letters to UK deposit-takers and international banks active in the UK on 2023 priorities
On 10 January, the PRA sent Dear CEO letters to UK deposit-takers, and to international banks that are active in the UK, providing an overview of its priorities for 2023. These include: (i) financial resilience – the PRA expects firms to take proactive steps to assess the implications of the evolving economic outlook on the sustainability of their business models; (ii) risk management and governance – despite regular messaging from the PRA on the subject, firms continue to unintentionally accrue large and concentrated exposures to single counterparties, without fully understanding the risks that could arise. The PRA will therefore focus on firms’ ability to monitor and manage counterparty exposures, particularly to non-bank financial institutions; (iii) operational risk and resilience – the PRA will assess firms’ use of the new framework and the testing that firms are conducting, to assess whether they can remain within their impact tolerance for each important business service in the event of a severe but plausible disruption to their operations. The PRA notes in particular its expectations that firms monitor risks arising from changes in payment systems on account of digitisation (the BoE is introducing the delivery of ISO 20022 messaging in CHAPS on 19 June), outsourcing to cloud providers, and offering crypto-products; and (vi) data – the PRA will be engaging with firms in 2023 on which data it collects as part of the Banking Data Review, and will continue to consult firms on the long-term reforms to how data is collected as part of the Transforming Data Collection Programme. The PRA also outlines its expectations regarding financial risks arising from climate change, and diversity, equity and inclusion. Specific to deposit takers, the PRA’s priorities for 2023 include: (a) credit risk – the PRA’s focus will include assessing deposit takers’ early warning indicator frameworks given many credit risk metrics are backward looking. Firms should expect increased engagement, including targeted requests for enhanced data and analysis; and (b) model risk - firms must comply with the finalised model risk management principles for banks, which the PRA expects to publish in H1 2023.
Regulatory reform post Brexit
FSM Bill second reading in House of Lords
On 10 January, the FSM Bill had its second reading in the House of Lords. The House of Lords committee stage is scheduled to begin on 25 January.
Corrigendum to Delegated Regulation (EU) 2022/1288 under SFDR published in OJ
On 12 January, a Corrigendum to Delegated Regulation (EU) 2022/1288 supplementing the SFDR
with regard to RTS specifying the details of the content and presentation of the information in relation to the principle of ‘do no significant harm’, specifying the content, methodologies and presentation of information in relation to sustainability indicators and adverse sustainability impacts, and the content and presentation of the information in relation to the promotion of environmental or social characteristics and sustainable investment objectives in pre-contractual documents, on websites and in periodic reports, was published in the OJ. The Corrigendum amends the wording of the title that previously omitted part of the reference number.
Five EEA Joint Committee Decisions amending Annex IX (Financial Services) to EEA Agreement published in OJ
On 12 January, five Decisions of the EEA Joint Committee that amend Annex IX (Financial Services) to the EEA Agreement were published in the OJ: (i) Decision No 258/2019, which incorporates Implementing Regulation (EU) 2019/1285 supplementing Solvency II; (ii) Decision No 259/2019, which incorporates MAR. The Decision also repeals under the EEA Agreement the Market Abuse Directive and its supplementing Regulation and Directives; (iii) Decision No 260/2019, which incorporates Regulation (EU) 2018/1717 amending Regulation (EU) 1093/2010 as regards the location of the seat of the EBA; (iv) Decision No 261/2019, which incorporates Delegated Regulation (EU) 2018/72 supplementing the IFR; and (v) Decision No 271/2019, which incorporates Implementing Decision (EU) 2019/545 amending Implementing Decision (EU) 2018/2030 on the temporary equivalence of the UK's regulatory framework for CSDs under the CSDR. Decision Nos. 258, 259 and 260 entry into force date is 26 October 2019, provided all the EEA Agreement Article 103(1) notifications have been made. Decision No. 261’s entry into force date is the same date, or on the entry into force date of Decision No 21/2019, whichever is the later. Decision No. 271’s entry into force date is 31 October 2019, provided all of the Article 103(1) notifications have been made, or on the entry into force date of Decision No 18/2019, whichever is the later.