January 2020 regulatory update

By Joseph Paice | Uncategorized | 0 Comments

Implementing CRD IV: capital buffers

An updated version of the supervisory statement was released and took effect on 23 January 2020, following PS2/20 ‘Pillar 2 capital: Updates to the framework’.

In CP5/13, the Prudential Regulation Authority (PRA) set out proposals for implementing the Capital Requirements Directive (CRD IV) provisions on capital buffers. The PRA’s rules on the CRD IV buffers were not included in its statement, Strengthening capital standards: implementing CRD IV, feedback and final rules – PS7/13 as Her Majesty’s Treasury first needed to designate the authorities responsible for each buffer.

The designation is now made so the PRA publishes its rules and supervisory statements to implement the CRD IV provisions on capital buffers in the UK for banks, building societies and PRA designated investment firms. The PRA’s rules and supervisory statement do not apply to investment firms supervised by the Financial Conduct Authority (FCA).



HM Treasury responds to consultation on implementing MLD5

HM Treasury responded to the feedback on the Fifth Money-Laundering Directive. The points which are important to note:

  • Electronic money, or e-money, is an electronic store of monetary value on a device (such as a prepaid card) that may be widely used for making payments and value transfers, which does not necessarily involve bank account transactions. These instruments pose ML/TF risks, but certain low risk e-money products are exempted from certain CDD measures by the regulations. 5MLD reduces the thresholds above which CDD must be applied, meaning e-money firms will have to conduct CDD measures on a greater proportion of transactions.
  • CDD: Where the beneficial owner identified is the senior managing official as referred to in Article 3(6) (a) (ii), obliged entities shall take the necessary reasonable measures to verify the identity of the natural person who holds the position of senior managing official and shall keep records of the actions taken as well as any difficulties encountered during the verification process.
  • CDD: Relevant persons should be “required to understand the nature of their customer’s business and its ownership and control structure.
  • Cryptoassets: The Cryptoassets Taskforce established a framework of three broad types of cryptoassets: exchange tokens, security tokens, and utility tokens.
  • CDD: The regulation mandates that reporters cease transactions and consider filing a Suspicious Activity Report (SAR) where they cannot apply CDD under regulation 28. Regulation 31 does not however explicitly apply to situations where a reporter cannot apply the additional CDD measures for credit institutions and financial institutions set out in regulation 29 or the EDD measures set out in regulations 33-35.
  • Identifying UBOs: 5MLD requires that whenever an obliged entity enters into a new business relationship with a company or trust that is subject to beneficial ownership registration requirements (as set out in chapters 8 and 9), they must collect either: proof of registration on this register OR an excerpt of the register. This will be required only when a new business relationship is established, and will not apply for already existing relationships.
  • EDD: MLD5 requires obliged entities to apply a newly defined set of EDD measures with respect to business relationships and transactions involving high-risk third countries. As such, obliged entities are required to obtain additional information on: the customer and beneficial owner(s), the intended nature of the business relationship, the source of funds and wealth of the customer and beneficial owner(s), the reasons for the intended or performed transactions.
  • Beneficial Owner: Where an obliged entity notices a discrepancy between the information it holds and that on the publicly accessible register, it could be required to report this to Companies House through a bespoke reporting mechanism. This report could include detail on the name of the reporting individual and obliged entity, and the nature of the discrepancy.
  • Trust Registration: 5MLD expands the scope of this register by requiring trustees or agents of all UK and some non-EU resident express trusts to register those trusts with the TRS, whether or not the trust has incurred a UK tax consequence. It also requires the government to share data from the register with a range of persons under certain circumstances.

The legislation currently requires the trustee of any express trust that is liable to pay one or more of six specified taxes to register that trust on TRS.

For trusts created on or after 1 April 2020, the government proposes that the trust should be registered within 30 days of its creation.

The government will be implementing HMT’s proposed deadline of 31 March 2021 for existing unregistered trusts to be registered on the Trust Registration Service (TRS).


Christopher Woolard appointed Interim Chief Executive of the FCA

Christopher Woolard took on the Chief Executive role on 24 January 2020, following Andrew Bailey’s departure to become Governor of the Bank of England. Chris is currently the FCA’s Executive Director of Strategy and Competition and an Executive member of the FCA’s Board.

PSR speech providing clarity on its response to APP scams

The Payment Systems Regulator (PSR) published a speech by Chris Hemsley on 23 January 2020, Managing Director of the PSR, laying out his views on ensuring that victims of authorised push payment (APP) fraud are reimbursed.

In order to prevent the APP scams, the PSR has required the introduction of Confirmation of Payee by the end of March 2020. This means that banks have to check the following credentials: name on the account of the beneficiary, as well as the account number and sort code, so that customers can confirm that they are paying the right account, this way incorrect instructions will be eliminated.

The PSR welcomed the voluntary Contingent Reimbursement Model Code (CRM) that a significant proportion of the industry signed up to in May 2019. The code, which is governed by the Lending Standards Board, is intended to ensure customers who fall victim to an APP scam will be reimbursed for their losses, provided they’ve taken the right precautions when making payments.

More banks and building societies are encouraged to sign up to the code, or at least apply equivalent standards of protection.

SFO publishes new ‘internal’ guidance for evaluating compliance programs

The guidance they SFO published is for internal use, which was shared with the public for the interests of transparency. It is basically setting standards and giving directions about the information a CMP should contain.

It outlines the stages at which the SFO will examine a company’s compliance in case there are allegations and when a decision has to be made whether the company is to charged of offense or not.

A compliance programme’ is an organisation’s internal systems and procedures for helping to ensure that the organisation – and those working for it – comply with legal requirements and internal policies and procedures. Generally, there has been an increased focus on compliance’ over recent years as organisations recognise the importance of effective compliance procedures in helping reduce the risks of regulatory breaches and the resulting financial and reputational harm.

The new guidance outlines and is based around the six principles detailed in the Bribery Act guidance published in 2011 by the Ministry of Justice.

  • Principle 1: Proportionate Procedures
  • Principle 2: Top Level Commitment
  • Principle 3: Risk Assessment
  • Principle 4: due diligence
  • Principle 5: Communication (Including training)
  • Principle 6: Monitoring and Review

The guidelines are not as prescriptive as the firms would want them to be, but the main point is that an effective compliance programme, one which will be in a position to defend an organization is not a ‘paper exercise’. A compliance programme must be specific for each organization to its size, and organisations need to determine what is appropriate for the field in which it operates. It is critical that the compliance programme is proportionate, risk based and regularly reviewed.


ESMA Published an Update on Governance and Reporting Obligations Following the UK’s Withdrawal from the European Union

The European Securities and Markets Authority (ESMA) published a statement on the 31 January 2020 to clarify issues relating to its governance and the reporting obligations for UK entities from 1 February 2020 following the United Kingdom’s (UK) withdrawal from the European Union (EU).

The terms of the Withdrawal Agreement (WA) stipulate that UK representatives will no longer be permitted to participate in the EU institutions, agencies, or other bodies, and their governance structures, except where exceptionally justified, under the conditions set out in Article 128(5) of the WA. Therefore, from 1 February:

  • The UK Financial Conduct Authority (FCA) will no longer be a member of ESMA’s Board of Supervisors or participate in any of ESMA’s other governance bodies.

By virtue of the WA, EU law will continue to apply to the UK, as if it were a Member State, during the transition period from 1 February 2020 to 31 December 2020. This means for instance that:

  • rights and obligations for UK entities under EU law will also continue to apply – such as reporting and notification obligations under MiFIDII/MiFIR, EMIR, CSDR, AIFMD, MMFR; and
  • ESMA will continue to directly supervise registered Credit Rating Agencies, Trade Repositories and Securitisation Repositories established in the UK during this period.

ESMA will continue monitoring by the end of 2020 the application of EU law to/in the UK and will closely monitor developments in preparation for the end of the transition period. ESMA will also engage and provide input as necessary with/to the European Commission.

ESMA Published Draft technical standards on the provision of investment services and activities in the Union by third-country firms under MiFID II and MiFIR

This paper sets out for consultation draft technical standards on the provision of investment services and activities in the Union by third-country firms.

Regulation (EU) No 2019/2033 of the European Parliament and of the Council of 27 November 2019 on the prudential requirements of investment firms and amending Regulations (EU) No 1093/2010, (EU) No 575/2013, (EU) No 600/2014 and (EU) No 806/2014 (the “IFR”) introduces changes to, inter alia, the existing MiFIR regime for third country firms that intend to provide investment services and activities to eligible counterparties and per se professional clients. These changes include a significant reporting flow from third-country firms to ESMA, on an annual basis.

Third-country firms providing investment services and activities in the Union will be required to report granular information on such services and activities to ESMA, on an annual basis, and to provide ESMA with access to relevant data.

Third-country firms will have to provide information annually on:

  • the scale and scope of the services and activities carried out by the firm
  • for companies dealing on own account they will need to provide info on its monthly minimum, average and maximum exposure to EU counterparties
  • For those who underwrite financial instruments and/or place financial instruments on a firm commitment basis, they will have to inform on the total value of financial instruments originating from EU counterparties underwritten or placed on a firm commitment basis over the last twelve months;
  • the turnover and the aggregated value of the assets corresponding to the services and activities carried out by the firm
  • whether investor protection arrangements have been taken, and a detailed description thereof;
  • the risk management policy and arrangements applied by the third-ountry firm to the carrying out of the services and activities
  • the governance arrangements, including key function holders for the activities of the third-country firm in the EU
  • and any info that may be relevant to the carrying out of the duties of the competent authorities in accordance with MiFIR.

ESMA has the power to ask third-country firms registered in its register to provide the data relating to all orders and all transactions in the Union, whether on own account or on behalf of a client, for a period of five years.

ESMA has the power to conduct on-site inspections.

ESMA may temporarily prohibit or restrict the provision of investment services or activities in the Union by a third-country firm, where the firm has failed to comply with the product intervention measures taken by ESMA or the EBA or the competent authorities

ESMA is mandated to prepare draft technical standards in relation to the revised third-country regime under MiFIR and MiFID II.

ESMA will consider the responses to this consultation when developing the draft Technical Standards for the European Commission. The closing date for responses from stakeholders is 31 March 2020.

FCA becomes AML and CTF supervisor of UK cryptoasset activities

The FCA is now the anti-money laundering and counter terrorist financing (AML/CTF) supervisor for businesses carrying out certain cryptoasset activities under the amended Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (MLRs).

Any UK business conducting specific cryptoasset activities falls under the new rules of the regulations and will need to comply with their requirements.

Amongst other things, cryptoasset businesses is required to:

  • identify and assess the risks of money laundering and terrorist financing which their business is subject to;
  • have policies, systems and controls to mitigate the risk of the business being used for the purposes of money laundering or terrorist financing;
  • where appropriate to the size and nature of its business, appoint an individual who is a member of the board or senior management to be responsible for compliance with the MLRs;
  • undertake customer due diligence when entering into a business relationship or occasional transactions;
  • apply more intrusive due diligence, known as enhanced due diligence, when dealing with customers who may present a higher money laundering/terrorist finance risk. This includes customers who meet the definition of a politically exposed person;
  • undertake ongoing monitoring of all customers to ensure that transactions are consistent with the business’s knowledge of the customer and the customer’s business and risk profile.

UK businesses undertaking cryptoasset must register with the FCA:

  • New businesses carrying out cryptoasset activity in scope of the MLRs must be registered with the FCA before conducting businesses.
  • Existing businesses already conducting cryptoasset activity before 10 January 2020 may continue their business but will need to ensure their compliance with the MLRs with immediate effect.
  • All existing businesses undertaking cryptoasset activities must be registered by January 2021. To ensure this deadline is met, these businesses must submit a completed application for registration by June 2020 (via the Connect system).
  • Existing Financial Services and Markets Act firms, e-money institutions or payment services businesses undertaking cryptoasset activity will also be required to apply for registration.

For further information on the scope of the cryptoassests, please visit the following pages: https://www.fca.org.uk/firms/financial-crime/cryptoassets-aml-ctf-regime

FCA statement on Assessing Suitability Review 2

The review of the market for pensions and investments will focus on the advice that consumers receive in regards to retirement income. With various options now available in retirement planning, it is important that consumers get good advice at the point they access their pension savings and after that.

The FCA review will involve a representative sample, to build a view of the retirement income advice market in 2020.

The review is a key element of FCA’s broader strategy for the financial advice sector. Other key points include ongoing work on defined benefit pension transfer advice, activities targeting pension and investment scams, and focus on firms holding adequate financial resources and professional indemnity insurance. FCA will also conduct a review on how firms have implemented the new senior managers and certification regime (SM&CR).

The regulator has published a Dear CEO Letter for financial advisers, which navigates them though the new requirements.

Information for firms during the Brexit implementation period

There will be no changes to the reporting obligations for firms, including those for MiFIR transaction reporting, under EMIR, and for Credit Rating Agencies (CRAs), which will continue in line with existing EU regulatory requirements.

The windows for EEA firms to notify the FCA that they want to use the Temporary Permissions Regime (TPR) was closed on the 30 January 2020. The TPR allows relevant firms and funds, which passport into the UK, to continue operating in the UK when the passporting regime falls away at the end of the implementation period, the end of 2020.

Firms and fund managers that have already submitted a notification do not need to take further actions as of now. FCA will announce its plans for reopening the notification window later this year, which will allow additional notifications to be made by firms and fund managers before the end of the implementation period.


Firms now need to update or confirm their Firm Details annually

All firms regulated by the FCA (except for those which are exempt under SUP 16.10) are obliged to update and confirm the accuracy of their Firm Details annually, using the FCA’s Connect system. They will need to do this within 60 business days of their Accounting Reference Date (ARD).

Even if the details of the firm have not changed from the previous year, they will still need to be confirmed into the system before the deadline.

If firms do not comply, regulatory enforcement tools will be used.

Dear CEO Letter: the approach to customers who have been in Persistent Debt for 36 months (PD36)

Persistent debt (PD) rules came into force on 1st March 2018. They are part of a package of remedies to address harms identified in the Credit Card Market Study’s final report in 2016 (MS14/6.3). It is part of the regulator’s ongoing supervision of the implementation of the PD remedies, particularly regarding steps required where a customer has been in PD for a period of 36 months.

The PD rules apply to customers who, over a period of 18 months, have paid more in interest, fees and charges than they have repaid of the principal balance on their card. If a customer meets the definition of being in PD36, FCA require firms to try and help their customers to pay more quickly in a way that does not affect customer’s life adversely. Firms must consider their entire credit card customer portfolio (both performing and non-performing) to identify customers in persistent debt.

The credit card institution/bank should offer period of repayment between 3 and 4 years and only, in exceptional circumstances this period could extend beyond 4 years (but this should not result in additional cost to the customer). Where the repayment options proposed by a firm are not sustainable for the customer, they will be in a better position if they contact the firm as they are entitled to receive forbearance (potentially including the reduction, waiving or cancellation of interest and charges).

The PD rules only require the suspension or cancellation of cards where a customer: either does not respond to the repayment options proposed within the time specified by the firm; or confirms that one or more of the proposed options are affordable but that they will not make increased payments.

There has to be an appropriate written notice to the customer about a suspension/cancelation of a credit card, which should be objectively justified by the creditor.




Handbook 73

The FCA made further clarification on changes it made on 12 December 2019, 10 January 2020 and 30 January 2020. All these are included in a Handbook 73:

  • Conduct of Business Sourcebook (Independent Governance Committees) Instrument 2019
  • Fees (Cryptoasset Business) Instrument 2020
  • Mortgages (Advice) Instrument 2020
  • Supervision Manual (Reporting No 13) Instrument 2020
  • Impact of the Withdrawal Agreement
  • European Union Withdrawal Instruments