Financial Services Regulation and Compliance - General Cross Sectoral June 2022
Financial Services Regulation and Compliance - General Cross Sectoral June 2022
CBI hosts inaugural meeting of the Climate Forum and publishes Sustainable Investment Charter
On 29 June 2022, the CBI hosted the inaugural meeting of the Climate Risk and Sustainable Finance Forum. The forum is a consultative forum for building a shared approach to the understanding and management of the risks and opportunities posed by climate change to the financial system. The minutes of the meeting will be published within four weeks of the meeting taking place.
The CBI also published its inaugural Sustainable Investment Charter that will guide the application of sustainable investment principles to the CBI's investment assets. The CBI's approach to sustainable investment will focus on exclusion, impact investing and environmental, social and governance integration as core strategies. The CBI will report annually on progress made in its commitment to incorporating sustainable investment principles. As of early 2023, the CBI will disclose climate change-related metrics of the investment assets.
Consumer Credit (Amendment) Bill 2022 signed into law
On 29 June 2022, President Michael Higgins has signed the Consumer Credit (Amendment) Bill 2022 and it has accordingly become law.
CBI 2021 report on protected disclosure
On 27 June 2022, the CBI published its 2021 report on protected disclosures. During the reporting period 1 January 2021 to 31 December 2021, the CBI received 231 protected disclosures from external reports and 1 protected disclosure from its workers. The information received as a protected disclosure led to enhanced supervision, risk mitigation programmes, inspections, warning notices and enforcement action.
Individual accountability – a maturing of financial regulation – speech by Gerry Cross at Arthur Cox Client Seminar
On 24 June 2022, Gerry Cross, director of financial regulation: policy and risk, delivered a speech on the new Individual and Senior Executive Accountability framework, which will come into effect in 2023. His speech considered some key aspects of the new framework including the CBI's approach to the regulations and guidelines that will implement the primary legislation. In particular, his speech provided clarifications and guidance on certain aspects of the Senior Executive Accountability Regime (SEAR), including:
the initial scope of application of SEAR will include credit institutions, insurance undertakings and higher risk activity investment firms
the CBI proposes to align the senior executive functions (SEFs) roles with the pre-approved control functions roles
the regulations will set out the "inherent" and "prescribed" responsibilities of SEFs
guidance will be provided on the compilation of the responsibility map
SEAR will be applied to outgoing branches but not incoming EEA branches
(independent) non-executive directors are proposed to be SEFs under SEAR
where outsourcing arrangements are in place, the CBI expects there to be a SEF in the regulated firm with responsibility for outsourcing arrangements
the CBI intends to provide further guidance on the behaviour of SEFs to comply with his/her statutory duty of responsibility and what steps may be considered reasonable to avoid the prescribed contravention
the common conduct standards
The CBI is currently finalising the relevant regulations and guidance to aid firms in their implementation of the regime. These will form part of the CBI's consultation package to be published immediately after the legislation is adopted (expected to be later next year).
CBI contacts business groups regarding financial sanctions obligations
On 16 June 2022, the CBI issued a letter to business and professional representative bodies, to provide information to assist their members to meet their obligations under the EU financial sanctions. The letter reminds businesses or individuals in possession or control of funds or economic resources of a person/ entity that is subject to a financial sanction, that the business or individual are legally obliged to:
freeze the funds or economic resources
refuse to deal with or release the funds or economic resources to be sanctioned person, unless there is an available exemption and authorisation is obtained from the CBI
report the freezing of the funds or economic resources to the CBI using the sanctions return form and submit via email to email@example.com
Where an individual or entity suspects that a breach of the sanctions has or will occur it must report this to An Garda Síochána. The individual or entity can also bring this to the attention to the European Commission anonymously via the EU Sanctions Whistleblower Tools.
Notification of the use of the limited network exclusion
On 1 June 2022, the CBI published the form to be used for notification of the use of the limited network exclusion under regulation 45 of the European Union (Payments Services) Regulations 2018 (PSR). The notification form sets out the information that should be submitted to the CBI by a service provider that is providing services of the type falling within the scope of regulation 4(k)(i) and (ii) of the PSR. It is being made available to facilitate service providers seeking to fulfil their initial notification obligations as set out in Regulation 45 of the PSR and the EBA Guidelines on the limited network exclusion under PSD2.
EBA publishes its final Guidelines on data collection exercises regarding high earners
On 30 June 2022, the EBA published its final updated guidelines on the data collection exercise on high earners, which were originally released in 2012 and revised in 2014. The update reflects:
the amended remuneration framework laid down in the Capital Requirements Directive (CRD), including the introduction of derogations to pay out a part of the variable remuneration in instruments and under deferral arrangements
the specific remuneration regime that has been introduced for investment firms
The EBA guidelines on the data collection exercise regarding high earners from 16 July 2014 are repealed with effect from 31 December 2022. The annual collection of data regarding high earners under the updated guidelines should start in 2023 for the financial year that ends in 2022. The EBA will continue to annually publish high-earners data on an aggregate home Member State basis in a common format.
EBA publishes its final guidelines on the remuneration and gender pay gap benchmarking exercise under the Capital Requirements Directive and the Investment Firms Directive
On 30 June 2022, the EBA published its final updated guidelines on the remuneration and gender pay gap benchmarking exercise under the Capital Requirements Directive (CRD) and the Investment Firms Directive (IFD), which were originally published in 2012 and updated in 2014. The update takes into account additional requirements introduced by CRD V regarding the application of derogations and the benchmarking of the gender pay gap. The EBA also added guidance to harmonise the benchmarking of approvals granted by shareholders to use higher ratios than 100% between the variable and fixed remuneration. The guidelines have revised the templates for data collection and introduced specific templates for the benchmarking of the gender pay gap.
The guidelines apply from 31 December 2022. The benchmarking data for the financial year ending in 2022, excluding gender pay gap data, should be submitted by institutions and investment firms to competent authorities by 31 August 2023, and by competent authorities to the EBA by 31 October 2023. The first benchmarking exercise regarding the gender pay pap should concern the financial year 2023.
Digital Finance: agreement reached on European crypto-assets regulation (MiCA)
On 30 June 2022, the Council and the European Parliament reached a provisional agreement on the Markets in Crypto-Assets (MiCA) proposal following three months of trilogue negotiations. Under the provisional agreement reached, crypto-asset service providers will need an authorisation to operate within the EU. The provisional agreement is subject to approval by the Council and the European Parliament before going through the formal adoption procedure.
Currently, non-fungible tokens (NFTs) are excluded from the scope (except if they fall under existing crypto-asset categories). The European Commission will assess 18 months after MiCA comes into force to see if a NFT specific regime is necessary.
Crypto assets: deal on new rules to stop illicit flows in the EU
On 29 June 2022, the Council and the European Parliament reached a provisional agreement on a new bill for tracing transfers of crypto-assets. This forms part of the new EU anti-money laundering package and the new bill will be aligned with MiCA. Key features include:
Transfers in crypto assets will be covered by the "travel rule". This rule requires information on the source of the asset and its beneficiary to travel with the transaction and stored on both sides of the transfer. Crypto-asset service providers (CASPs) will be obliged to provide this information to competent authorities if an investigation is conducted into money laundering and terrorist financing.
There will be no minimum thresholds nor exemptions for low-value transfers, as originally proposed.
Before making the crypto-assets available to beneficiaries, CASPs will have to verify that the source of the asset is not subject to restrictive measures or sanctions, and there are no risks of money laundering or terrorist financing.
Transactions from a crypto-asset wallet address that is in the custody of a private user (an un-hosted wallet) is covered when they interact with hosted wallets managed by CASPs.
The rules do not apply to person-to-person transfers conducted without a provider, such as bitcoins trading platforms, or among providers acting on their own behalf.
New EU Authority for anti-money laundering
On 29 June 2022, the Council agreed its partial position on the proposal to create a dedicated anti-money laundering authority (AMLA). In its position, the Council adds powers to the AMLA to directly supervise certain types of credit and financial institutions, including crypto asset service providers, if they are considered risky. It also entrusts AMLA to supervise up to 40 groups and entities - at least in the first selection process – and to ensure a complete coverage of the internal market under its supervision. More powers are also given to the general board in the governance of AMLA. The Council's position is partial, as it has not yet agreed on the location at which the AMLA will have its seat.
EBA adopts decision on reporting of payment fraud data under PSD2
On 24 June 2022, the EBA adopted a decision on the reporting by competent authorities of payment fraud data under the payment services directive (PSD2). The decision allows the establishment of a streamlined workflow arrangement whereby the ECB, on behalf of the relevant competent authorities, could submit data in line with the specifications set out in the European Centralised Infrastructure of Data decision. Competent authorities shall report to the EBA the payment fraud data under the PSD2, as specified in the EBA guidelines on fraud reporting, via the EUCLID and according to the EBA data point model.
EBA replies to Commission's call for advice on the review of the PSD2
On 23 June 2022, the EBA published an opinion and report in response to the European Commission's call for advice on the review of the PSD2. In its response, the EBA puts forward proposals that would contribute to the development of the single EU retail payments market and ensure a harmonised and consistent application of the legal requirements across the EU. In particular, the EBA's proposals aim at enhancing competition, facilitating innovation, protecting consumers' funds and data, fostering the development of user-friendly services, and preventing exclusion from access to payment services, as well as ensuring a harmonised and consistent application of the legal requirements across the EU.
The proposed amendments include:
merging the PSD2 and the Electronic Money Directive
clarifying the application of strong customer authentication (SCA) and the transactions in scope
addressing new security risks for customers such as social engineering fraud where customers are tricked into initiating a payment transaction
addressing concerns about authentication approaches (e.g. based on smartphones) that have led to exclusion of certain groups of society from using payment services online
addressing underlying issues and obstacles to the provision of payment initiation services (PIS) and account information services (AIS), including the proposals for (i) AIS providers to apply their own SCA with their customers instead of relying on the authentication procedures by banks, (ii) empower customers to remain in control of their data; and (iii) support the development of high-quality interfaces across the EU
moving from 'open banking’ to ‘open finance’ (or otherwise the expansion from access to payment accounts data towards access to other types of financial data) and the opportunities and potential challenges associated with it, based on the PSD2 experience
addressing the enforcement shortcomings in relation to the implementation and application of SCA for e-commerce card-based transactions and the removal of obstacles to the provision of AIS and PIS
addressing unwarranted de-risking practices by banks affecting payment and e-money institutions, and
adjusting the prudential requirements, in particular in relation to initial capital, own funds, the use of professional indemnity insurance, the proposal for recovery and wind-down for significant payment institutions and possible consolidation group supervision
Standardisation of QR-codes for mobile initiated SEPA (instant) credit transfers
On 17 June 2022, the European Payments Council (EPC) published the final version of the standardisation of QR-codes for mobile initiated SEPA (instant) credit transfers (MSCTs). This document is published following the eight-week public consultation on a draft version of the document launched earlier this year and closed on 14 April 2022. The document standardises a payee- and a payer-presented QR-code for all types of MSCTs, i.e. all payment contexts: person-to-person, consumer-to-business, business-to-business and business to consumer while addressing both SEPA Instant Credit Transfer (SCT Inst) and SCT payments.
EBA publishes Guidelines on role and responsibilities of the AML/CFT compliance officer
On 14 June 2022, the EBA published its guidelines specifying the roles and responsibilities of the anti-money laundering and countering the financing of terrorism (AML/CFT) compliance officer and of the management body of credit or financial institutions. The guidelines set clear expectations on the role, tasks and responsibilities of the AML/CFT compliance officer and the management body. The guidelines will apply from 1 December 2022.
ESAs joint report on the withdrawal of authorisation for serious breaches of AML/CFT rules
On 1 June 2022, the European supervisory authorities (EBA, CIOPA and ESMA – ESAs) published a joint report on the withdrawal of authorisation for serious breaches of the rules on anti-money laundering and countering the financing of terrorism (AML/CFT). The report provides a comprehensive analysis on the completeness, adequacy and uniformity of the applicable laws and practices on the withdrawal of license for serious breaches of the rules on AML/CFT. The report calls for:
the introduction in all relevant EU sectoral laws of a specific legal ground to revoke licences for serious breaches of AML/CFT rules
the inclusion of assessments by competent authorities of the adequacy of the arrangements and processes to ensure AML/CFT compliance as one condition for granting authorisation or registration
Council adopts its position on new rules for consumer credit
On 9 June 2022, the Council agreed its position on the revision of the Consumer Credit Directive. The revised directive repeals and replaces the existing 2008 directive on credit agreements. The Council's mandate proposes to exclude certain products from the scope, such as direct crowdfunding, rental or leasing contracts without an obligation or option to buy the property, and deferred payment and deferred debit cards (under certain conditions). The Council's mandate also proposes an optional partial derogation from certain provisions for certain less risky credit product and to merge the pre-contractual information forms that are presented to consumers.
Other changes made by the Council aim to provide greater legal certainty and include clarifications on the creditworthiness assessment, defining a maximum time limit of the right of withdrawal, the obligation to protect consumers from excessive rates, clarifications of the admission procedure, and penalties. The general approach reached provides the Council presidency with a mandate for further discussions with the European Parliament, as soon as the European Parliament adopts its position.
ECB opinion on the establishment and functioning of the European single access point
On 7 June 2022, ECB published its opinion on the Commission's proposal to establish a European single access point (ESAP) providing centralised access to publicly available information of relevant to financial services, capital markets and sustainability. The ECB welcomes the proposal as the establishment of ESAP is an important milestone in the completion of the CMU. The ECB made specific observations on the requirement to include the legal entity identifier (if available) as a mandatory attribute of the entities' qualified electronic seal , the data framework envisaged in the proposal, the compliance framework and the scope of data under ESAP.
DLT pilot regime released
On 2 June 2022, regulation 2022/858 on a pilot regime for market infrastructures based on distributed ledger technology was published in the official journal of the European union (DLT pilot regime). The DLT pilot regime allows eligible firms to apply to operate a DLT-based trading facility and/or settlement system for DLT financial instruments. The DLT pilot regime sets the conditions for operators of DLT-based market infrastructures and places limitations on the DLT financial instruments that can be admitted to trading and settled on DLT-based market infrastructure. Applications under the DLT pilot regime can be made to the CBI from 23 March 2023.
Sanctions imposed in response to the crisis in the Ukraine
Since February, the EU imposed a number of sanctions in response to the crisis in the Ukraine. Given that the crisis is developing and sanctions are continuing to evolve, the CBI is publishing details of new restrictive measures/sanctions that are adopted in this regard, as well as any associated EU/UN guidance, on their dedicated webpage.