Developing/
Implementing
8.5
Delivering ESG and
sustainable finance
In Q1 2023 there will be a new Green Finance Strategy from the UK Government which may further clarify expectations from and for regulators. The EU continues to push forward with its Sustainable Finance Action Plan and the European Green Deal. All of these initiatives impact the financial sector and regulatory expectations of firms.
ESG and sustainability issues continue to be at the top of regulatory agendas – the EBA, EIOPA, ESMA, BoE, PRA and FCA all have aspects of ESG and sustainable finance in their key priorities for the year.
Greenwashing concerns are paramount and are driving regulatory initiatives on product labels, ESG data and ratings and corporate due diligence, together with the ongoing development of reporting and disclosure standards, and associated assurance requirements.
Investment managers and financial advisers are increasingly expected to consider sustainability risks in their investment and advice processes, even when they do not offer or specifically advise on green products.
The measurement and management of climate-related risk has moved largely into business as usual supervision for banks and insurers, although further progress is required.
New requirements for transition plans are emerging and will place additional pressures on firms already grappling with existing disclosures. And nature and biodiversity are sharply in focus both from a risk management and disclosure perspective.
ESG and Sustainable Finance again has the highest regulatory impact score across the key themes. The pressure on firms should be expected to persist as disclosure requirements are implemented, supervisors increase their expectations around climate risk and developments on taxonomies, ESG data and ratings, product labels and carbon markets ramp up. The slight drop in score reflects initiatives that have not moved to implementation due to delays in issuing final policy/legislation e.g. taxonomies.
Climate-related financial risk for banks and insurers
Climate-related risks have the potential to undermine the safety and soundness of both firms and the wider economy. Banks and insurers are required to embed consideration of sustainability factors into their risk frameworks and stress testing. They should understand their own and their clients’ exposures when determining their strategy and business model. Longer term changes to capital and solvency requirements are still being considered.
Read more
Taxonomies
Taxonomies are intended to provide consistent definitions of what can be considered as environmentally or more broadly sustainable. A general slow-down in the development of taxonomies means that firms need to create their own frameworks or depend on evolving industry norms. The EU Taxonomy (Level 1) is now well established for environmental objectives, but more detailed rules continue to be challenging to develop and activity on social objectives has stalled. The proposed UK Green Taxonomy is behind schedule and the substance of it may change in line with UK Government sustainability priorities.
Read more
Reporting and disclosures
Requirements for corporate reporting (including transition plans) and other ESG disclosures continue to expand. Regulators and standard-setters seek comparability and consistency, to provide investors and other stakeholders with the transparency they require, to minimise the risks of greenwashing, and where possible to harmonise global standards. The scope of reporting and disclosures will grow to incorporate social and nature-related risks.
Read more
Product labels and standards
Sustainable product labels are being developed, which will impact the use of current industry labelling frameworks across all sectors. The UK is introducing a suite of product labels for investment products and in the EU, work continues on the EU Green Bond Standard, but development of an EU Ecolabel is on hold.
Read more
Data and ratings
The market for ESG financial indices and benchmarks is growing. There are calls for ESG data and rating providers to be regulated and they should expect to come under increased regulatory scrutiny. Both ESMA and the FCA are looking at the way credit ratings agencies incorporate ESG factors into their methodologies.
Read more
Carbon markets
With firms needing to deliver on their own or government net zero commitments, and present credible net zero transition plans, they are likely to turn to carbon markets as part of the solution. However, there is a patchwork of regulation and calls for greater consistency and transparency.
Read more
Portfolio management and advice
As well as being subject to the SFDR disclosure requirements, EU buy-side market participants need to meet requirements regarding the integration of sustainability risks and factors, understanding clients’ preferences, and new considerations within the product manufacturing and distribution process. While similar requirements have not yet been adopted in the UK, the FCA has signalled its plans to consult on sustainability preferences. It has also launched a discussion paper that could in future lead to new requirements relating to firms’ governance, incentives and competence in the context of sustainability.
Read more
Considerations for firms
- Do we understand the extent of our own and our clients’ ESG exposures?
- Have we considered the full range of new regulations or amendments that will impact us directly or indirectly?
- Are we embedding our approaches to risk and disclosures in line with supervisory and other stakeholder expectations?
- Have we mapped our investment products against proposed labelling requirements and naming restrictions?
Taxonomies
Requirements for the remaining four EU environmental objectives were expected to apply from 1 January 2023, alongside the Complementary Climate Delegated Regulation which introduced some gas and nuclear activities to the Taxonomy. However, the level 2 rules for these objectives have yet to be issued.
Progress on an EU Social Taxonomy has stalled, due to the complexity of the challenge and, most likely, to political pressure to prioritise other initiatives. The Platform on Sustainable Finance (PSF) released recommendations on how to achieve compliance with the ‘minimum safeguards’ criteria, noting that compliance with certain S-related criteria could be achieved through existing regulations without the need for a Social Taxonomy.
The UK’s proposed Green Taxonomy has taken longer than expected to get off the ground. It was expected to be structured in a similar way to the EU Taxonomy, with the same six environmental objectives, ‘do no significant harm’ requirement and minimum safeguards. The Green Technical Advisory Group published its report on developing the UK Taxonomy in October 2022, but the Government announced on 14 December that it would not make secondary legislation, as previously planned, in 2022. Under the new Financial Services and Markets Bill, the Government plans to repeal the previously on-shored EU Taxonomy Regulation and has said that it will “proceed carefully” from this point. A further update is expected as part of the Green Finance Strategy in Q1 2023.
Reporting and disclosures
The International Sustainability Standards Board’s (ISSB’s) first two exposure drafts are nearing completion, with further standards to follow. The UK has committed to adopting the ISSB standards to build on existing TCFD-aligned disclosures.
The EU’s Corporate Sustainability Reporting Directive (CSRD), which significantly expands on the current Non-Financial Reporting Directive (NFRD), has been finalised, underpinned by the new European Sustainability Reporting Standards (ESRS). CSRD will be applied in phases from 2024 with first reporting in 2025 for the largest companies. Non-EU companies with significant EU operations may have obligations under CSRD.
Both TCFD and ISSB disclosures will require regulated firms and companies to provide some information about transition plans. In the UK, in line with the Government’s plan for the largest UK companies to have a net zero transition plan from 2023, the Transition Planning Taskforce (TPT) is consulting on a specific disclosure framework and implementation guidance. Once concluded, the FCA will draw on TPT outputs to strengthen transition plan disclosure expectations for listed companies, asset managers and FCA-regulated asset owners. The UK’s expectations on transition plans may drive similar requirements in other countries and regions.
Discussions continue across jurisdictions about how to make different sets of corporate reporting requirements and standards interoperable or at least complementary, to support harmonisation and reduce the burden on reporting firms.
The Task Force for Nature-related Financial Disclosures (TNFD) has issued the third iteration of its beta framework, with publication of the final framework expected in September 2023. Disclosure recommendations will be mandated at local/regional level.
Pillar 3 ESG disclosures will be required in 2023 for the largest EU banks and will be phased in until June 2024 for smaller firms. Green Asset Ratio (GAR) disclosures will also apply in 2024 (based on 2023 data). Banks may opt to disclose the Banking Taxonomy Alignment ratio (BTAR) from June 2024 with collection from counterparties on a voluntary basis.
EIOPA is working with the European Commission to determine Taxonomy-aligned disclosures that will reflect the extent to which non-life premiums and insurer investments meet the EU’s sustainability criteria. These disclosures will allow stakeholders to compare the insurance sector to other financial sectors, as well as to corporates.
Buy-side firms’ implementation of EU SFDR continues, with the level 2 rules having entered into force from January 2023. Firms are dealing with a high volume of regulatory clarifications and Q&A and need to adjust their implementation accordingly. Meanwhile, the FCA has consulted on Sustainability Disclosure Requirements (SDR) for asset managers. The policy statement is expected by 30 June 2023, the same date that the general anti-greenwashing rule for all FCA-regulated firms will come into force. Product- and entity-level sustainability disclosures will be phased in from 30 June 2024 to 30 June 2026 - building on existing TCFD-aligned reporting requirements that the largest asset managers will need to publish for the first time by 30 June this year.
Product labels and standards
The final EU Green Bond Standard (EU GBS) is yet to be issued. ESMA previously welcomed the potential of the proposals to help channel investment flows towards more sustainable activities but noted challenges in three key areas: the timing of implementing measures — so-called level 2 deliverables; the functioning of third-country regimes; and the appropriateness of the resourcing and funding model provided for ESMA's supervision, given the requirement for external verifiers for third countries.
Work on an EU Ecolabel has been delayed due to ongoing work on level 2 rules under the EU Taxonomy Regulation and SFDR. In the meantime, ESMA has published research that illustrates the challenges of appropriately calibrating the labelling criteria. Meanwhile, an increasing number of national regulators are expressing concerns about how investment products are being marketed and are taking action. In the UK, in addition to the new SDR (see Reporting and disclosures), the FCA has proposed three product labels for wealth, fund and asset managers. In-scope firms will be able to voluntarily label their products if they meet the relevant criteria for each category. Firms may need to consider how products categorised under the SFDR would be treated under the FCA’s proposals.
There is a common focus in both the UK and the EU on fund names and the use of ESG and sustainability terms. ESMA has proposed new guidelines on fund names linked to specific criteria, while the FCA’s SDR proposals would capture both names and marketing material, and restrict the use of ESG terms where products do not qualify for and use an SDR label.
Data and ratings
As the use of ESG data and ratings grows, regulators are concerned that there is little clarity and alignment on definitions, a lack of transparency around methodologies used, uneven coverage, and that conflicts of interest in the market are not managed. In the EU, although SFDR and CSRD have enhanced the availability of standardised ESG data, there are still usability issues. ESMA’s call for evidence on the market structure of ESG rating providers in the EU found an immature but growing market which, following several years of consolidation, has seen the emergence of a small number of large non-EU headquartered providers. ESMA’s work, together with a further targeted consultation by the Commission will feed into the development of appropriate regulatory safeguards and potential supervisory approaches for ESG ratings providers, which, as in the UK, are currently outside the regulatory perimeter. As part of the Edinburgh Reforms, the UK Government committed to consulting, in Q1 2023, on bringing ESG rating providers into the regulatory perimeter. The FCA has convened a panel to develop a code of conduct for ESG data and ratings providers, which may plug the gap between regulatory requirements and market expectations in the short term.
Carbon markets
The level of firms’ greenhouse gas (GHG) emissions has become a key piece of information for stakeholders, including investors, customers and regulators, driven by the race to net zero. Although regulators have not identified any immediate issues in existing legally mandated or voluntary carbon markets, they are seeking to develop regulatory mechanisms that will ensure that markets remain effective. IOSCO’s consultation on recommendations for regulators to support this work has now closed. European authorities have agreed the principles for a Carbon Border Adjustment Mechanism (CBAM), which will levy import charges on goods based on their carbon-intensity from 2026 – the UK Government is investigating a similar proposal. The EU is also in the early stages of developing a certification and verification scheme for credits linked to the removal of carbon from the atmosphere.
Portfolio management and advice
Since August 2022, EU UCITS Management Companies, AIFMs and MiFID investment firms have been required to integrate sustainability risks and sustainability factors into their investment processes, including decision-making procedures and organisational structures, risk management, due diligence, resources and conflicts of interest management. MiFID investment firms (investment managers and distributors) must incorporate ‘sustainability preferences’ into their investment advice and suitability processes, and, from November 2022, their product governance frameworks. New ESMA guidelines regarding suitability and sustainability preferences have been published and are expected to enter into force from March 2023. Product governance guidelines have been consulted on and final guidelines are expected to be published by the end of March.
The FCA has not yet adopted similar requirements across the board for UK firms. However, it has announced plans to consult on rules for financial advisers to incorporate sustainability matters and investor preferences when delivering investment advice. Most recently, the FCA launched a discussion paper on embedding sustainability-related governance, incentives and competence considerations in regulated firms. Ultimately, this could lead to further regulation, including additional measures to promote effective stewardship.
Maintaining financial
resilience
With continuing economic uncertainty – including inflationary and liquidity pressures and the potential for recession – regulators and supervisors are focused on maintaining robust levels of financial resilience and looking ahead to emerging and escalating risks. Firms are expected to maintain appropriate levels of capital and liquidity in the face of deteriorating economic conditions, and to prioritise high quality data, risk management and governance.
Implementation timelines and requirements for remaining (e.g. Basel) or revised (e.g. Solvency II) framework elements are being clarified. A new global framework has been agreed for the prudential treatment of crypto-assets by banks, and further frameworks are being developed, including resolution for insurers and a prudential regime for smaller UK banks. Stress testing remains a vital tool to monitor banks’ and insurers’ vulnerabilities.
Climate-related financial risk is now a key part of business-as-usual supervisory activity for banks and insurers in the EU and UK, while regulators and standard setters continue to debate how best to integrate climate-related risk into capital frameworks.
As well as evolving requirements and supervisory expectations for wealth and asset managers, the FCA is setting specific expectations for wider sectors. For example, in its recent portfolio letter addressed to wholesale brokers, the FCA noted that firms should have sufficient competence and expertise and should review the level of liquidity they hold to ensure it is commensurate with the risks.
The score remains relatively high reflecting significant pressures relating to Basel 4 and Solvency II for banks and insurers and the need to upskill on climate-related financial risk. Evolving regulatory initiatives (including model risk management for banks, resolution for insurers, and the Simpler Regime) ensure a continuing pipeline of significant change.
Banks
Banks must now focus on implementation of the final Basel reforms (Basel 4 or Basel 3.1) over a multi-year period. Calls for proportionality and consideration of local specificities may result in regional variations, adding to the complexity for banks operating across borders. Resolution frameworks for banks are largely complete but will be subject to ongoing review and refinement. A proportionate prudential regime for smaller firms is being developed in the UK, to reduce the regulatory burden and encourage competition, and model risk management practices are under scrutiny.
Read more
Insurers
Insurers will need to monitor closely as discussions develop, at global, regional and national levels, on how solvency rules should be recalibrated. Regulators are also focusing on the development of targeted resolution frameworks both in the UK and EU.
Read more
Investment firms
It is now more than a year since the prudential requirements for most MiFID investment firms were revised in both the UK and the EU (for wholesale brokers, asset managers, and distributors). Firms should monitor clarifications, amendments and evolving supervisory expectations. More broadly, the FCA is considering how to increase the quality and consistency of the data it receives.
Read more
Considerations for firms
- Have we clearly mapped and implemented the requirements for new or recalibrated prudential frameworks?
- Have we considered how to manage potentially divergent requirements across jurisdictions?
- Given the likelihood of continuing market volatility, are our control frameworks around credit and counterparty credit risk sufficiently robust?
Banks
Both EU and UK regulators have noted the financial resilience of banks, in spite of challenging economic conditions. They are now focused on maintaining this resilience. The ECB’s strategic priorities for 2023-25 include addressing shortcomings in credit and funding risk management, strengthening governance and risk data aggregation and reporting, and stepping up efforts on the management of climate and environmental risks (see Delivering ESG and Sustainable Finance). The PRA’s priorities are similar, including managing the financial risks arising from climate change, governance and risk management, and diversity, equity and inclusion (DEI) alongside continued focus on credit and model risk. A proposed new secondary objective for the PRA under the Financial Services and Markets Bill is driving greater consideration of the international competitiveness of the UK.
With just two years until the expected 1 January 2025 start date for implementing final Basel reforms in the EU, UK and US, banks should be mobilising. Final EU rules (CRR3/CRD6) are expected by end of 2023 or early 2024. The PRA is consulting on its implementation proposals and has been much stricter in its interpretation of the Basel standards than the EU, with only a small number of transitional arrangements and concessions. Notably, applications for internal model permissions should be submitted by 1 January 2024 for IMA for market risk and 1 July 2024 for IRB for credit risk. Banks operating in both jurisdictions will potentially need to align to the UK’s stricter regime across all models or run two sets of standards. Banks meeting the PRA’s Simpler-regime criteria (including the size threshold of £20bn) on 1 January 2024 will be able to choose between following the UK Basel implementation or a new Transitional Capital Regime until a permanent risk-based capital regime is established. Further consultations will follow in 2023 and 2024 on the remaining aspects of the new regime.
Revisions to the UK OCIR policy came into effect on 1 January 2023 and end-state MREL requirements, already in force for larger firms, will apply for mid-tier firms from 2023 (with a transitional approach for the smallest firms). UK banks and relevant third-country branches with trading activity that could affect the financial stability of the UK must meet the expectations of the PRA’s new policy on trading activity wind-down (TWD) by 3 March 2025.
The PRA is expected to finalise its model risk management principles for banks, with implementation 12 months after publication of the finalised supervisory statement, likely H1 2024.
In mid-2023, the UK Government will consult on a series of mid-term reforms to improve the functionality of the ring-fencing regime. This could result in banking groups without major investment banking operations being removed from the regime.
Insurers
In the UK, PRA has set out its supervisory priorities for insurers in 2023, including focus on the growing concentration of assets that are internally rated and valued within life insurers, and the continued uncertainties of claims inflation affecting general insurers.
Other prudential priorities include risk management, including insurers’ response to changing market conditions and assurance on the validity of their models. The PRA reminded firms about the Prudent Person Principle (PPP) given high levels of longevity reinsurance and the risks of a possible mass capture event. Operational resilience and resolution planning were also flagged, with a consultation on resolution planning expected in 2023. In the meantime, firms without recovery and resolution plans in place are expected to consider developing plans proportionate to their size.
Reforms to Solvency II continue to be a major focus both in the UK and the EU. In the UK, HMT has completed its consultation and the final package includes: cutting the risk margin significantly with a 65% cut for long-term life insurance business; maintaining the existing methodology and calibration of the fundamental spread; and changing asset eligibility rules for the matching adjustment to encourage financial investment in infrastructure projects. The reforms are subject to Parliamentary scrutiny. In the EU, the European Commission adopted a legislative package on the Solvency II review in 2021. The package will go through the usual EU legislative process, with both the European Council and Parliament submitting amendments to the Commission. As in the UK, resolution is a key theme in the EU, with the proposals for an Insurance Recovery and Resolution Directive (IRRD) aiming to create a harmonised framework across Member States.
Finally, climate-related risks have the potential to undermine the safety and soundness of both firms and the wider economy. Regulators and standard setters are considering how best to integrate climate-related risk in capital frameworks for insurers (see Delivering ESG and Sustainable Finance).
Investment firms
Although the revised requirements for MiFID investment firms have been embedded, firms can expect further regulatory guidance and an evolution of broader prudential requirements in both the UK and the EU for firms subject to other regimes.
The FCA has consulted on amendments to various aspects of the Investment Firms Prudential Regime. Its proposals cover minor updates to definitions, reporting requirements, and the prudential treatment of certain assets, as well as clarifications to calculations regarding firm classification, prudential consolidation, and K-factors. The FCA is expected to publish feedback on its reviews of the ICARA documents for larger firms. For solo-regulated firms other than MiFID firms, the FCA consulted on minor adjustments to its prudential requirements and proposed a new regulatory return to formalise the ad-hoc, resource-intensive information gathering it has undertaken since the onset of the pandemic. The FCA has also stated that it intends to review prudential requirements for these firms in 2023.
The EBA has continued to supplement the EU Investment Firms Directive regime, most recently by delivering final technical standards that aim to ensure all EU prudential regulators adopt a harmonised approach to imposing additional liquidity requirements on MiFID firms. In addition, it published a report that sets out how regulators should incorporate ESG risks in their supervisory approach (see broader requirements above within Delivering ESG and Sustainable Finance).
Regulating digital
finance
There continues to be accelerated adoption of digital innovation within the financial services sector. This innovation is providing enormous benefit to customers and service providers alike – but it is also introducing novel risks which could pose a threat to consumer protection and, on a wider scale, financial stability. Regulators are becoming attuned to these new risks and are beginning to account for them within regulatory frameworks.
Digitalisation is changing the ecosystem. The automation and streamlining of processes within the trade lifecycle could potentially disintermediate incumbent institutions. The line between retail and wholesale services is blurring with the adoption of trading apps which allow consumers to access financial products directly, without the need for middlemen or other gate-keepers. There are concerns that this ease of access is also leading to the gamification of financial services.
The uptake of crypto-assets as ‘a new form of money’ is requiring regulators to determine whether they can be accounted for within existing regulatory frameworks, or require the development of entirely new ones. Crypto-assets are also compelling central banks to investigate the development of their own Central Bank Digital Currencies (CBDCs) to safeguard the traditional role of currency.
Underpinning all technologies and digitalisation are the fundamental building blocks of infrastructure and data. Firms need to ensure the integrity of databases (including protecting customers and market confidential data), to have the expertise to analyse them, and to have in place good governance and controls. To be able to deliver services more efficiently, data needs to be shared across borders. This raises legal challenges, which regulators continue to debate.
The score for Digital Finance is lower than in the last edition, reflecting the fact that, whilst there has been a lot of noise, relatively little actual regulation is yet to emerge.
There has been no real change in the pressure resulting from digital finance regulation. Although there has been a great deal of focus on the area – the actual regulation is still very much in developing phase and so difficult yet for firms mobilise to implement.
Crypto-assets and CBDCs
In the wake of several prominent bankruptcies, regulators are ramping up efforts to finalise crypto-asset regulatory frameworks to address issues of consumer protection and financial stability. Regulators are encouraging innovation in the use of the underlying distributed ledger technology (DLT) to bring efficiencies to the operations of financial markets. Investigations and experiments continue in the use of central bank digital currencies.
Read more
Artificial intelligence and machine learning
Artificial intelligence and machine learning techniques can be used to analyse the vast amount of data now generated by financial services, bringing efficiency to firms’ processes and personalising the delivery of products to customers. Financial supervisors have begun issuing guidelines on how these techniques could be regulated and are involved in discussions with other non-financial supervisory bodies. However, it remains to be seen exactly what form any regulation might take.
Read more
Platformisation, Big Tech in Finance
Over the past few years, several Big Tech players have entered the financial services arena. They have begun offering a variety of platform-based solutions directly to consumers, while also becoming critical third-party providers to traditional firms within the ecosystem. However, unlike traditional firms – which are designed to operate exclusively within the financial services domain – some Big Tech firms are choosing to develop and distribute financial products as part of their wider portfolio of existing activities. Policymakers and regulators are consequently having to examine whether the currently regulatory framework is fit for purpose.
Read more
Data sharing and innovation
Open Banking is seen as a successful driver of innovative products and services for consumers. Regulators and policymakers are now embedding and refining the regime and are considering whether the principles of data sharing contained within the initiative can be broadened further to create an ‘Open Finance’ framework.
Read more
Considerations for firms
- Do we have a clear governance and control framework around the use of machine learning and AI?
- Have we considered potential future regulatory impacts of holding or operating with crypto-assets?
- Does our business model consider the growing impact of BigTech companies in financial services?
Crypto-assets and CBDCs
Europe’s Markets in Crypto-assets (MiCA) regulation will begin applying to in-scope firms from Q1 2024. Due to the borderless nature of this sector and the consequent need for frameworks to operate globally, MiCA is being touted as a potential blue-print for other jurisdictions.
The UK’s Financial Services and Markets Bill (FSMB), set to be finalised in 2023, formally brings ‘digital settlement assets’ used for payments (i.e. stablecoins) within existing e-money regulations. The FSMB was amended to introduce a definition of crypto-assets so that future regulation can be formulated without the need for further primary legislation. HMT’s consultation on the future regulatory regime proposes to regulate a broad suite of crypto-asset activities, such as trading and issuance, consistent with its approach to traditional finance.
The BCBS has finalised proposals for the prudential treatment of crypto-assets. Doubling down on its conservative approach, the proposals require the highest possible one-for-one capital charges for ‘unbacked crypto-assets and stablecoins with ineffective stabilisation mechanisms’.
The completion of the ECB’s digital euro prototype is expected in October – with the relevant legislation expected from the European Commission in May. Meanwhile, HMT and the BoE are consulting on their proposed model for a potential digital pound. Both the EU and UK will also launch their respective DLT regulatory sandboxes this year.
The ongoing crypto market chaos has reignited criticism of centralised platforms, with some advocating for the move towards self-executing decentralised finance (DeFi) applications. However, regulators are emphasising the need for significantly more analysis to be completed before these applications are deployed at scale – as neither their robustness nor how they could be supervised has been proven.
Artificial intelligence and machine learning
IOSCO, EIOPA and BaFIN have issued guidelines and best practice on the use of AI in financial services. The BoE/FCA AI Public Private Forum (AIPPF) also published a report including examples of best practice. Common considerations for firms fall into three main categories.
- Data quality and governance – data should be of sufficient quality to prevent biases and be sufficiently broad to obtain logical results, while still complying with data protection requirements.
- Model design – models must not reinforce biases, must be explainable and transparent and must be reviewed and signed-off appropriately.
- Governance framework – firms need a governance framework that allows senior management to oversee the development, testing, deployment and monitoring of AI & ML.
The BoE and FCA joint Discussion Paper on AI & ML requests feedback on whether ‘fine-tuning’ the existing regulatory framework is sufficient. Some regulators have pointed out in follow-up speeches that, under SMCR, firms’ management already have responsibility for managing risks related to any models they employ.
The European Commission’s proposed Artificial Intelligence Act classifies AI activities into four tiers of risk with increasing levels of requirements. These start with transparency and voluntary codes of conduct and escalate to ex-ante conformity assessments and ex-post quality and risk assessments and monitoring. Feedback from market participants is that that there needs to be clarity on how the Act interacts with other cross-sectoral legislation such as GDPR and that it needs to be principles-based to future-proof requirements as the technology continues to develop.
In the UK, the Office for AI (a collaboration between the DDCMS and BEIS) will set out a proposal for governing and regulating AI in a White Paper in 2023.
Data sharing and innovation
In the UK, Open Banking and its future development continue to be a priority for HMT, the Competition and Markets Authority and the FCA. The cross-authority taskforce has articulated its vision for Open Banking and emerging thinking on the design of the future implementation entity. The taskforce will publish its common view, recommendations and a roadmap providing a clearer picture about the direction and pace of development in Q1 2023.
The European Commission has consulted on small changes to its Open Banking framework that would be implemented in a wider legislative proposal revising PSD2.
Building on the Open Banking framework, regulators are keen to develop Open Finance, to allow consumers and SMEs to access and share their data on a wider range of financial products with third-party providers. In the UK, the proposed Data Reform Bill will create a clearer regulatory environment for personal data that could help drive the adoption of Open Finance.
In the EU, the European Commission is considering responses to its consultation on how to develop Open Finance and its Expert Group has published a report on the Open Finance ecosystem to support policy development.
The UK Government has laid regulations in Parliament outlining a framework for pension dashboards to allow easier access to pension information.
Strengthening operational
resilience
Regulators have long expected firms to manage operational risks and have in place business continuity and disaster recovery plans. However, operational resilience is now much broader than this and is recognised as a key driver of investment and business strategy. Financial regulators view operational resilience for firms on an equal footing with financial resilience and recognise that poor resilience has the potential to impact not only individual firms and wider financial stability, but also to cause significant customer detriment.
Regulators require firms to demonstrate end-to-end operational resilience (including cyber resilience) in their key business activities, to prevent severe disruption and maintain financial stability. Strong governance and accountability is expected, as is robust testing of disruption scenarios. Firms must consider the possibility of multiple concurrent disruptions and the emergence of new threats and vulnerabilities. Extreme events arising from climate change, from floods to wildfires to unexpected snowstorms, could impact physical operations and geopolitical events could challenge operating models. Regulatory authorities have realised that a broader approach to operational resilience — incorporating equally important components such as people, processes, technology and information — is needed. Underpinning all the regulatory initiatives is the common desire to create a financial services sector that is more resilient to disruption, hence reducing the potential for wider contagion, financial instability and harm to end-customers.
The EU and UK have set out clear expectations for regulated firms. However, resilience expectations are now extending to a wider range of participants operating in the financial sector. For more on the operational resilience of FMIs see Delivering Financial Infrastructure. Cloud service providers and critical third parties are under scrutiny.
The score for operational resilience has ticked up slightly, due in large part to the shift to implementation for DORA – firms now have a clear deadline, although technical standards are still to be issued. Focus on critical third parties also contributes to the increase.
Enterprise-wide resilience
Principles and rules introduced in the last few years target enterprise-wide resilience. Regulators expect firms to map their most important business services from end to end, identify severe but plausible stress scenarios, and carry out testing to identify weaknesses. Firms must define the amount of disruption that they would be willing to tolerate and to monitor and measure their ability to remain within these tolerances.
Read more
Digital resilience
Additional demands on systems, processes and data have increased regulators’ focus on firms’ technological resilience. The EU Digital Operational Resilience Regulation (DORA) contains multiple measures to harmonise ICT resilience requirements, with consequential amendments to other legislation. Cyber security remains critical, particularly with accelerated adoption of technology and increasing sophistication of external bad actors.
Read more
Third-Party Risk
Regulatory guidance on outsourcing has been in place for some time, but expectations have grown in the EU and the UK, reflecting the growing reliance on and stability risks posed by critical third parties. Specific rules are now being introduced to identify these providers and bring them within the regulatory perimeter if they are not already.
Read more
Considerations for firms
- Do we have a clear view of the resilience of our end to end processes for important or critical services, including third party dependencies?
- Have we understood, documented and tested our tolerance for disruptions and our ability to recover?
- Have we considered the impacts of increasing requirements around digital (including cyber) resilience?
Enterprise-wide resilience
Regulators in both the UK and EU agree on the need for firms to prioritise the resilience of their most critical services and operations and to minimise the effects of disruption on customers. In the UK, implementation of the requirements set out by the PRA, BoE and FCA in 2021 is in progress and due to complete by March 2025. In-scope firms must identify and catalogue their important business services, define impact tolerances for disruption to these services and test whether they are able to remain within tolerance when under stress. Strong governance and accountability are also required. National and regional authorities will be responsible for creating their own frameworks to deliver against the expectations for banks set out in the high level BCBS Principles for Operational Resilience.
Digital resilience
DORA entered into force in January 2023. The European Supervisory Authorities will now begin to develop their regulatory technical standards, the level 2 rules that actually implement the regulation. Those will be completed within 12 to 18 months depending on the area of focus. By mid-January 2025, relevant financial services supervisors will expect firms to be in full compliance with all the new requirements under DORA.
DORA will impact a very wide range of financial entities. Critically, it will also apply to ICT third parties – for more on these see Third-Party Risk. It will also have significant interactions with other regulations. NIS2, the new directive to strengthen cyber security in the EU, will align with sector-specific legislation set out in DORA for regulated entities. The Capital Requirements Directive (CRD) will require ICT business continuity and disaster recovery plans to comply with DORA. MiFID II will refer to DORA and include amended provisions relating to continuity and regularity in the performance of investment services and activities, resilience and sufficient capacity of trading systems, effective business continuity arrangements and risk management. Solvency II, UCITS, AIFMD, Institutions for Occupational Retirement Provision Directive (IORPD II) and the Statutory Audits Directive will refer to DORA regarding management of ICT systems and tools. PSD2 authorisation rules will refer to DORA, although incident notification rules will exclude ICT-related incident notifications that DORA will harmonise.
Third-Party Risk
Regulatory scrutiny of third-party relationships and risk management has increased. In the UK, the PRA’s policy on third-party risk management provided a holistic framework for managing outsourcing and third-party risk with specific requirements around governance, materiality, risk assessment, data security, and business continuity and exit planning. In the EU, DORA builds on the outsourcing Guidelines already issued by the EBA, ESMA and EIOPA to strengthen oversight and monitoring of third-party ICT. The BoE is also considering supervisory statements for FMI outsourcing and third-party management.
Non-financial firms increasingly provide essential services to the financial sector giving rise to concerns about reliance on a small number of third-party providers. DORA will empower the European Supervisory Authorities to designate Critical ICT Third Party Providers (CTPPs) through a new oversight framework. The designation will be based on qualitative and quantitative criteria including the potential systemic impacts of the third party and the firms it services, the extent to which the third party is relied upon, its substitutability etc. Third-party service providers not designated as critical will also be able to opt into the oversight framework. Critical third-country ICT service providers to financial entities in the EU will be required to establish a subsidiary within the EU so that oversight can be properly implemented.
The UK is taking a similar approach, with HMT empowered to designate Critical Third Parties (CTPs) under the proposed Financial Service and Markets Bill. The joint BoE, PRA and FCA discussion paper on critical third parties to the financial sector closed in December. A further consultation on the proposed requirements and expectations for CTPs is expected later in the year.
Developing/
implementing
7.3
Developing financial
infrastructure
Financial Market Infrastructures (FMIs) are going through a period of significant change as their importance across the financial services ecosystem grows. They have a critical role to play not only in managing risk, but also in increasing transaction efficiency. As a result, the need for scale and effectiveness in the FMI space could lead to consolidation opportunities.
FMIs themselves are also assessing the potential of new technologies – such as distributed ledger technology and cloud computing – to optimise IT processes and their integration into the wider market infrastructure.
However, against this backdrop of innovation, regulatory and supervisory scrutiny is increasing. This is a result of the growing complexity and interconnectedness of markets as well as FMIs’ key role in supporting these markets to function smoothly. Regulators are likely to want FMIs to consider the operational and cyber resilience impacts of new technologies, including oversight of critical third parties. In fact, certain frameworks that have been implemented in more mature sectors such as banking and insurance – for example operational resilience obligations and the UK Senior Manager and Certification Regime – are now being considered seriously (or even implemented) for FMIs.
There has been an increase in the regulatory pressure on FMIs since the last issue of Barometer. Concerns around the impact of market volatility on FMI processes and the resulting impacts on the wider market has increased supervisory oversight. Measures such as stress testing and operational resilience requirements are fully in implementation phases at firms.
Central clearing
Clearing houses or central counterparties (CCPs) are now seen as an essential part of financial market infrastructure. However, there are still questions around the role of margin in contributing to liquidity issues during market volatility – for example during the onset of COVID19 or the current energy market crunch. The growing importance of CCPs is also reflected by developments in stress testing and recovery and resolution regulations.
Read more
Data regulation
Market data – including information on prices, bids, quotes, volumes of traded financial instruments, and benchmarks and indices – is becoming increasingly important to inform financial firms’ trading and investment strategies and meet their regulatory and disclosure obligations. Many regulators are concerned about the cost, access to, and reliability of this data. As a result, they are proposing amendments to existing regulation, considering new regulation and investigating competition issues. These changes could impact the business models of both the firms providing and consuming the data.
Read more
Payments
The payments infrastructure continues to evolve to keep pace with increasing digitalisation and the associated opportunities and risks. Regulators and policymakers are implementing proposals to ensure that users are adequately protected when using payment systems and services. The UK New Payments Architecture (NPA) is developing, and work is ongoing to strengthen competition between providers of card-acquiring services. The European Commission is implementing its retail payments strategy which aims to give consumers more choice and opportunities, whilst ensuring consumer protection through delivery of a better payments infrastructure. In both the UK and Europe there is strong understanding of the continued need for access to cash.
Read more
Considerations for firms
- Is our organisation structured to deal with the increasing regulatory change and supervisory scrutiny in the FMI sector?
- Have we considered evolving payments infrastructure in our business model planning and operations?
Central clearing
CCPs and clearing members should continue to expect supervisory scrutiny around their operational management of margin and liquidity, including measures to limit procyclicality. A joint review of margining practices by the BCBS, CPMI and IOSCO identified six areas requiring further work including transparency, the liquidity preparedness of market participants, and the responsiveness of initial margin models to market stress. In its EMIR 3.0 proposal, the European Commission’s amendments aim to increase transparency on margining models and reduce the likelihood of procyclical collateral haircuts. ESMA is considering revisions to the current calibration of anti-procyclicality tools in the associated EMIR regulatory technical standards.
ESMA’s fourth CCP stress test confirmed the overall resilience of EU CCPs as well as two third-country CCPs (both of which were UK-based). However, it also found that further work is needed to combat operational and concentration risk.
The BoE's first supervisory stress-test of UK CCPs showed that they were resilient to a severe market stress scenario and the simultaneous default of two clearing member groups. The BoE will use these findings to refine its CCP supervisory stress-testing regime, which is being finalised in 2023. The BoE will then focus on CCPs’ implementation of new operational resilience standards.
Work continues at the international level on the sufficiency of the existing toolkit for CCP resolution, in particular during non-default loss scenarios. HMT, through the Financial Services & Markets Bill, is expanding the UK’s resolution regime for CCPs to align with the latest FSB guidance. ESMA continues to consult on and publish regulatory technical standards and guidelines for implementation of the EU CCP Recovery and Resolution regime (CCPRRR).
Cross-border access to CCPs is considered further in Accessing Markets.
Data regulation
The FCA has signalled concern that competition issues in the provision of market data may be leading to inflated pricing. Costs are either passed on to end investors or data access is limited (leading to less-informed investment decisions by firms and consumers). The FCA is specifically investigating whether high trading data costs and complex licensing terms and conditions are generating user harm and will consequently determine whether further guidance or policy action is needed. Results of this review are expected in Q1 2023. The FCA will also carry out market studies on benchmarks and credit ratings provisions.
MiFID II/MiFIR set up the regulatory framework for a consolidated tape of financial instrument price and volume in the EU, and this was on-shored to the UK following Brexit. However, the consolidated tape has not yet emerged in either jurisdiction.
European Commission proposals to hasten the development of this tape in the EU are being vigorously debated as part of the MIFIR review, with differing positions regarding scope and operation. Meanwhile, HMT is amending UK legislation so that the FCA is responsible for setting the requirements for the multiple competitive consolidated tape providers that HMT believes will deliver the best solution. As part of the Edinburgh Reforms, the UK Government committed to having a regulatory regime for a consolidated tape in place by 2024.
Regulatory changes in these areas could impact the business models of both data providers and consumers and is also likely to lead to changes in pre-and post-trade reporting formats and requirements.
For more information on ESG Data and Rating providers see Delivering Sustainable Finance.
Payments
UK policymakers and regulators continue work to establish a robust future-proofed payments infrastructure. HMT is considering responses on reforms to the payments regulatory landscape and has issued a call for evidence on the Payment Service Regulations and whether they remain fit for purpose. The BoE is renewing the Real Time Gross Settlement service, with delays until later in 2023 to the migration to ISO 20022 messaging in response to changes in the ECB’s dates for TARGET2 ISO 20022 migration. Further afield, the Financial Stability Board (FSB) continues to implement the G20 Roadmap for enhancing cross-border payments.
In the UK and EU, policymakers and regulators, despite the prevalence and utility of electronic payments, continue to recognise the importance of access to cash for many businesses and consumers. The BoE and FCA are monitoring and exploring solutions. The FCA has confirmed its strengthened guidance on branch and ATM closures or conversions. This will be bolstered by legislation protecting access to cash in the Financial Services and Markets Bill.
The ECB‘s framework for overseeing electronic payment instruments, schemes and arrangements (PISA) has come into force. The European Commission’s review of the application and impact of PSD2 is ongoing.
Fighting the rising incidence of fraud and scams continues to be a key priority. The PSR has implemented new rules extending confirmation of payee from six banking groups to over 400 payment service providers and is considering responses on fraud prevention measures such as mandatory reimbursement, supported by powers obtained through the Financial Services and Markets Bill.
Enhancing customer
protection
The nature of products and services, how they are delivered and communications with customers are changing. The perennial question for regulators about the optimal level of customer protection is now set against challenging economic conditions impacting the cost of living, the need to encourage greater private investment to aid economic recovery and increased digitalisation. These factors are driving an upward trend in the level of consumer protection rules being developed by regulators.
Consequently, regulators are increasingly interested in how firms ensure that they are appropriately balancing their own commercial and operational considerations with the needs of end-customers. In particular, regulators are focused on how this is embedded throughout the firm and at all stages of the product lifecycle and customer journey.
Firms must be able to demonstrate progressively how their culture, strategy, business model, product design and operating model deliver fair treatment to all their customers. Increasingly this is taking the form of emerging regulation relating to product governance, assessment of outcomes and consideration of value for money/fair value.
The uncertain economic environment has increased the number of vulnerable customers and focused the attention of regulators. At the same time, there is an increase in the level, and sophistication, of scams and fraud. Many customers will exhibit characteristics of vulnerability at specific points in their lives and they should be able to achieve outcomes that are as good as those of other customers.
The volume of publications remains high as regulators respond to the impacts from the rising cost of living pressures on customers. In addition, firms in the UK are busy implementing the Consumer Duty leading to significant activity before the initial July 2023 deadline.
Outcomes-focused
Regulators are seeking to move firms’ mindsets away from narrow rules-based compliance to a more holistic assessment of the impact of their conduct and the outcomes that they are generating. This approach, with new rules under consultation or being implemented, will have a material impact on firms’ cultures, strategies and operating models.
Read more
Vulnerable customers
Global economic factors impacting the cost of living continue to fuel regulatory focus on the fair treatment of vulnerable customers across all sectors. This is likely to have a material impact on firms’ existing processes, procedures, products and services as well as on training and development implications for their employees. Given the complexity that comes with considering different types and interconnectedness of customer vulnerability, firms will need to consider the associated operational challenges and potential conduct risks.
Read more
Value for money
Across most jurisdictions, there is currently no specific regulatory requirement on value for money across all sectors. However, to help protect customers, some regulators are starting to consider requiring firms to evaluate whether their products and services offer value as well as utility. This will have a material impact on the products and services firms offer and their associated charges, and will reinforce how fairly customers are treated.
Read more
Product governance
Although product governance rules have existed for many European firms since 2018, there is mounting evidence that they are not being implemented or supervised effectively. Therefore, consultations on enhancements to (and/or reinforcement of) the rules are taking place and are likely to result in firms needing to develop further their existing process and procedures.
Read more
Considerations for firms
- Can we evidence (through our culture, strategy, business model, product design and operating model) how we balance our own commercial interests with delivering appropriate outcomes for all our customers?
Outcomes-focused
There continues to be a drive by regulators in both the UK and the EU to transition regulation (and supervision) towards a greater focus on the outcomes that are being generated for end retail customers. This is particularly important as firms consider offering new products that may stretch their existing capabilities. The UK FCA’s Consumer Duty is the most strident of the initiatives. As the implementation date approaches, the FCA is using much of its regulatory correspondence to highlight how firms should be considering their actions through the lens of the Duty. With striking parallels in terms of regulatory intentions, the Central Bank of Ireland (CBI) has launched a discussion paper on consumer protections to explore how they can be strengthened. Addressing issues around conduct and culture is also a key feature of the International Association of Insurance Supervisor’s (IAIS) roadmap for 2023/24. The EC is expected to publish a package of measures on its strategy for retail investors, seeking to deliver them better outcomes – this could potentially lead to a commission ban on advised sales – as was introduced in the UK in 2012.
Vulnerable customers
Regulators are, once again, having to move swiftly to protect vulnerable customers from the impacts of the cost-of-living crisis; they are expecting the number of customers classed as vulnerable to increase as a direct result. In the UK, the FCA has been conducting cross-sector engagement to ensure firms treat customers fairly and support those struggling financially due to the rising cost of living. Through updated guidance and firm correspondence, the FCA has sought to ensure firms are clear about the effect of its rules in these circumstances, and the range of options open to firms to support consumers. This includes a consultation on updating insurance-related aspects of previous guidance so that it applies to all customers in financial difficulty.
Recent FCA work on the application of its vulnerable customers guidance and treatment of borrowers in financial difficulty identified inconsistent practices and areas for improvement. These findings, coupled with the impact of the ongoing economic conditions are likely to result in further regulatory scrutiny and consideration of the need for additional interventions. EIOPA’s recent Consumer Trends report cites the impact the current macro-economic environment is having an impact on consumers, particularly vulnerable groups as its lead cross sectoral trend. At the end of 2022, the EBA consulted on new guidelines on the effective management of money laundering and terrorist financing risks when providing access to financial services, which specifically considers impacts on the most vulnerable customers.
Value for money
For UK and EU firms subject to MiFID and/or IDD, there is a requirement to consider the appropriateness of cost within product governance arrangements as well as an overarching requirement to act in clients’ best interests. However, there are currently no explicit cross-cutting rules about consideration of value for money (although there are rules for specific sectors – for example, Authorised Fund Managers in the UK).
Regulators want firms to think about whether products are offering fair value to customers, taking into account the specifics of their target market. This thinking has been developed into consultation papers, formalising consideration of whether solutions offer value for money in a specific way. For example, EIOPA has set out a framework for delivering better value for money for the unit-linked market. Similarly, ESMA has completed a common supervisory action on costs and fees for investment funds, which noted that continued supervisory attention is needed. ESMA and EIOPA also continue to monitor the costs and benefits of EU products in their annual reports. As an extension of these broad activities, there is a possibility that the EU may look to consult on requiring fund managers to prepare ongoing value for money assessments of their funds. In its latest Consumer Trends report, EIOPA identifies continued issues in relation to some products not being of high-quality – not offering value for money and/or having complex exclusions.
In the UK, regulatory focus in this area also continues. The most wide-ranging development comes as part of the Consumer Duty where price and value is one of the four outcomes that firms need to assess to ensure that the price a retail customer pays for a product is reasonable compared to the overall benefits received. How firms have embedded this will be a key component of the FCA’s post-implementation supervisory strategy. Marking sufficient time since the introduction of its general insurance pricing rules, the FCA has reviewed and reported on firms’ compliance. Whilst identifying most firms had taken appropriate action, there were examples of poor practices. These illustrate the challenges firms will face in implementing aspects of the Consumer Duty appropriately.
Product governance
MiFID and IDD brought in requirements for firms to develop and maintain a robust and objective product governance framework. Although these requirements have been in place since 2018, supervisory reviews by a number of EU regulators (as well as a review by ESMA last year) have routinely found that firms are not operating the frameworks as effectively, or at sufficient granularity, as they should. This is leading to a number of European regulators seeking to enhance and reinforce the requirements such that they afford an appropriate degree of protection to consumers. For example, BaFin is consulting on product intervention measures to address potential consumer harm arising from the volatile futures market. Under the proposed measures, firms would be restricted from marketing or distributing certain products to retail consumers. Indeed, ESMA has launched a common supervision action review designed to get regulators to assess whether marketing communications are fair, clear and non-misleading and how firms select their target audience – especially in the case of riskier and more complex investment products. The EU is also updating its product governance guidelines (see Delivering ESG and Sustainable Finance). For investment funds in the UK and the EU, there is a specific focus on liquidity management, oversight by depositaries, and value for money.
Further afield, the Australian conduct regulator (ASIC) is conducting a review of pricing promises as a result of failings by insurers to have adequate systems and controls in place to mitigate against risks associated with their product design, pricing and distribution models/ arrangements.
Despite challenges, regulators still recognise the material positive impact such a regime can drive to effectively manage consumer protection at a design level. To illustrate this, in the UK, the Consumer Duty will expand the requirement for a product governance framework and arrangement to all regulated retail products and services across all FS sectors.
The capital markets in both the EU and the UK are undergoing a period of significant change. The UK leaving the EU has changed the structure and concentration of the market as firms have needed to move operations into the EU.
The EU is now undertaking mandatory reviews of the mass of regulation that was implemented post-financial crisis, such as MiFID II/MiFIR, and the UK is reviewing on-shored EU regulation to adapt it to the UK market. Both jurisdictions are looking to raise their attractiveness as destinations to raise capital for new and growing companies, by reviewing listings and prospectus regulation. New fund structures are also being introduced or existing structures adjusted, as European jurisdictions compete for share of market growth and cater for private investment in long-term assets to aid economic recovery and grow national capital markets.
Concerns linger from the market events of March 2020 and regulators remain determined that lessons should be learned. Work to analyse vulnerabilities and develop policy solutions across the non-bank sector has continued, with a particular international focus on liquidity management in open-ended funds. In the meantime, market volatility and challenges for liability-driven investment strategies have heightened regulatory scrutiny.
The only major stage of the LIBOR transition left to complete is the cessation of USD LIBOR in mid-2023. Wholesale market participants are also looking ahead to see how technology can assist the markets in moving towards T+1 settlement, tokenisation, digitisation of data, and greater retail participation.
While reviews of capital markets regulation continued, regulators were forced to act regarding LDI strategies. Reviews of fund liquidity management practices have concluded but triggered further, more detailed work. As LIBOR transition concludes, settlement is becoming a new area of focus. Combined, these have led to an increase in score.
MiFID II/MiFIR review
When MiFID II/MIFIR came into force in 2018, it represented a comprehensive and profound reshaping of how EU financial markets, products and services were regulated, and necessitated large regulatory change management projects within firms. The EU review of the legislation and the UK Wholesale Markets review are unlikely to initiate such large-scale changes but firms working in both jurisdictions will need to carefully manage the likely divergence.
Read more
Fund liquidity management
International regulators have progressed their analysis and recommendations for open-ended funds (OEFs) in general and money market funds (MMFs) in particular in response to the March 2020 ‘dash for cash’. More recent market volatility has again underlined the need for fund managers to have sufficient expertise and resources to respond effectively to unexpected developments and meet regulators’ expectations.
Read more
Growing the capital markets
Regulatory reforms in both the EU and the UK are looking to reduce the regulatory burden in the primary markets to encourage wider participation in the ownership of public companies and improve the quality of information investors receive. In parallel, efforts continue to ‘democratise investment’, increase participation in private markets, and fund the post-pandemic recovery.
Read more
Changing transitions – from LIBOR to T+1
The only major stage of the LIBOR transition left to complete is the cessation of USD LIBOR in mid-2023. The lack of significant market disruption is a testament to the coordination and effort from market participants, regulators and industry bodies. A similar amount of attention and coordination will be needed to transition US and Canadian markets from T+2 to T+1 settlement by Q4 2024, with other jurisdictions considering whether to follow suit.
Read more
Considerations for firms
- Are our regulatory monitoring and change processes set up to deal with diverging UK and EU capital markets regulation?
- Have we critically analysed our experience during the 2020 market stress and subsequent market events, and reassessed our liquidity risk management framework for each of the funds we manage?
MiFID II/MiFIR review
HMT, following consultation, has started implementing reforms to UK MiFID II through the Financial Services and Markets Bill (FSMB). It has prioritised two areas: easing restrictions on where market participants can trade (with removal of the share trading obligation and the double volume cap) and reducing and simplifying the regulatory burden of the regime. The FCA is consulting on the rule changes it will make with either its existing powers or ones it will obtain through the FSMB. It has already issued a consultation on equity markets, and consultations on fixed income market transparency and the commodities derivatives regime are expected in 2023. HMT is also committed to supporting the emergence of a consolidated tape of prices and volumes which is consistent with the EC’s proposals for the MiFIR review (see more in the Data Regulation section of Developing Financial Infrastructure).
The European Council has now agreed its position on the MiFIR review and supports the proposals on changing the double volume cap to a single volume cap and changes to the pre- and post-trade reporting regimes, amongst others. However, there is still strong debate within the EU Parliament on what its position should be, with the ban on payment for order flow being particularly contentious.
The unbundling of investment research is being reconsidered in both jurisdictions. In the UK, the Edinburgh Reforms include an independent review on investment research and its contribution to the competitiveness of UK capital markets. In the EU, the latest CMU proposal increases the market capitalisation threshold under which the unbundling rules would not apply.
A wider EU MiFID II review proposal is expected in the near future and is likely to cover investor protection obligations.
The changes resulting from these proposals are likely to be implemented over the next year. Differences across jurisdictions may further complicate the operating environment for firms. To plan effectively for the probable modification needed to systems (and possibly business models), firms working in both jurisdictions will need to keep track of developments as the proposals are finalised.
Fund liquidity management
Liquidity management approaches and tools remain in the regulatory spotlight. Little further has been proposed for MMF reform, but reviews of recommendations published by the FSB in 2017 and IOSCO in 2018 regarding liquidity risk management in OEFs set out follow-up work for 2023 and beyond. IOSCO’s findings were generally positive – it found that in larger jurisdictions, there was a ‘high degree of implementation’ of its recommendations. However, the FSB found room for improvement in terms of identifying and mitigating financial stability risks from OEFs. It therefore proposed various follow-up work to reduce structural liquidity mismatch, increase the uptake and consistency in use of liquidity management tools, enhance investor disclosure, close data gaps, and promote further use of stress testing. In the UK, the FCA has recently confirmed that fund liquidity management is a supervisory priority and is currently concluding a multi-firm review.
Volatility in the UK gilt market in September 2022 and associated challenges for Liability-Driven Investment (LDI) managers forced regulatory action. UK and EU regulators have reiterated their expectations around LDI for asset managers, fund managers, pension fund trustees and banks, and outlined plans for additional monitoring and policy work. The BoE has also proposed running a stress test exercise of the non-bank sector for the first time.
Growing the capital markets
The European Commission’s latest proposals to take forward the Capital Markets Union (CMU) action plan contain a long-awaited deliverable from the plan – an attempt to harmonise insolvency practices across the Union through a directive. It also continues efforts to simplify raising capital on EU public markets by amending the Prospectus Regulation and the Market Abuse Regulation, repealing the Listing Directive, and proposing a new directive on multiple-vote shares.
In the UK, HMT and the FCA are implementing the recommendations of Lord Hill’s UK Listing Review and the Kalifa Review of UK Fintech.
While the FCA has made some initial changes to the listing regime, it is still considering the feedback provided on the listing regime’s purpose and structure. The UK Government will use new powers from the Financial Services and Markets Bill to repeal the existing Prospectus Regulation and establish a reformed Prospectus Regime and Public Offer Regime with detailed rule-making delegated to the FCA. A Digitisation Taskforce has been established to drive forward the modernisation of the UK’s shareholding framework. As part of the Edinburgh reforms, the UK Government plans to introduce an intermittent wholesale market trading venue that would act as bridge between public and private markets.
Mirroring developments around the world, regulators across Europe are also creating new fund vehicles to offer more flexibility and to bolster private investment in illiquid assets to assist economic recovery. Regulators are keen, though, to mitigate potential conduct risks and prevent harm. In the UK, the FCA has consulted on broadening the distribution of the Long-Term Asset Fund to retail investors. In parallel, the EU is now concluding its review of the European Long-Term Investment Fund Regulation to make the rules more flexible, reduce barriers to entry for retail investors and increase the uptake of ELTIFs. In Switzerland, the planned Limited Qualified Investor Fund regime is expected to be available for fund launches from April 2023 and will allow for the inclusion of various alternative assets for the first time.
Changing transitions – from LIBOR to T+1
Since 1 January 2023, 27 of the 35 LIBOR settings, relating to specific currencies and time periods, have no longer been available. The last available settings are now being wound down. 1- and 6-month synthetic GBP LIBOR settings will cease permanently immediately after publication on 31 March 2023 with the final synthetic GBP LIBOR setting (3 month) continuing to be published until end-March 2024. USD LIBOR is due to cease in mid-2023, so the FCA is currently considering whether 1‑, 3‑ and 6‑month synthetic USD LIBOR settings should be published for a short time (until end-September 2024). Regulators expect firms to use the most robust alternative reference rates to USD LIBOR and any firm considering the use of credit-sensitive rates to assess the risks carefully. Although the transition has been smooth, regulators will continue to monitor firms’ wind-down of legacy LIBOR books, likely reviewing for unfair treatment of customers and impacts on markets.
In February 2022, the US SEC proposed rule changes to reduce the standard settlement cycle from T+2 to T+1. Rules have not yet been finalised but go-live is likely to be Q3 2024. European firms trading US financial instruments will need to consider the impact on their operations. As part of the Edinburgh Reforms the UK Government announced the formation of an industry-led ‘Accelerated Settlement Taskforce’ to recommend an approach for the UK. There has not yet been a similar official announcement in the EU, but a recent AFME report highlighted that a European implementation would be more complex given multitude of currencies, market infrastructures and distinct legal frameworks.
More than two years since the end of the post-Brexit transition period, the commercial and operational implications of the EU-UK border continue to evolve for financial services firms.
Regulatory developments since the UK left the EU underline that firms working in the EU, the UK and elsewhere need to continue to monitor regulatory change and market access arrangements in order to pre-empt disruption to their business.
On the whole, as bilateral equivalence determinations still appear to be off the table, firms will need to focus on ensuring they have sufficient substance and remain compliant with local access arrangements.
In the UK, the Temporary Permissions Regime is coming to an end, requiring EU firms in the regime either to become authorised or to run off their regulated activities in the UK.
The UK also announced plans in 2022 to negotiate a Mutual Recognition Agreement (MRA) for financial services with Switzerland to allow both countries to defer to each other in the regulation and supervision of firms undertaking cross-border financial services. However, there have been no signs of progress to date. The UK Financial Services and Markets Bill will legislate to allow an MRA framework, as the UK hopes to enter into MRAs with other jurisdictions in the future.
The score has dropped slightly to reflect a lack of new, significant regulatory activity. Previous themes remain in focus (for example, ESMA’s attention to substance requirements). While the end of the TPR has drawn nearer, the TRR for CCPs has been extended.
Delegation of portfolio management
The EU co-legislators continue to review and debate proposals to clarify the delegation rules under the AIFMD and the UCITS Directive. Asset managers should continue to factor the ongoing debate on delegation and ‘substance’ into their thinking. In the meantime, this remains a supervisory area of focus.
Read more
Fund marketing and distribution
As jurisdictions introduce new or amended fund structures, questions remain around cross-border market access. Existing EU funds can continue to market in the UK if they are registered under the Temporary Marketing Permissions Regime, but consultations on the final framework for the UK’s future Overseas Funds Regime have been delayed. The details may determine how firms structure their operations.
Read more
Regulated markets and clearing
EU firms’ ability to access services in third countries and the corresponding regulatory treatment continues to evolve. Although the Commission previously extended equivalence for UK CCPs until June 2025, it has now put forward proposals to make clearing in the EU more attractive. Meanwhile, the BoE is taking steps to advise on CCP equivalence decisions and to recognise non-UK CCPs.
Read more
Cross-border services
In the absence of equivalence determinations, cross-border access to professional clients remains largely the responsibility of national regulators. For the banking industry this may change under proposed amendments. More broadly, EU authorities continue to focus on reverse solicitation and ‘substance’ in EU entities. In the UK, regulators are working through applications from firms in the Temporary Permissions Regime (TPR). The overseas market access framework in the UK is also being reviewed by HMT.
Read more
Considerations for firms
- Have we reviewed what “substance” we have in each jurisdiction and whether it is sufficient to meet evolving supervisory expectations?
- Are we monitoring regulatory developments regarding market access arrangements and their potential impact on our business?
Delegation of portfolio management
Delegation by EU fund management companies to third countries continues to be considered by EU authorities, and national regulators have clarified their expectations and undertaken supervisory reviews. Most recently, ESMA published findings from its assessment of the Brexit relocation process, which ‘put into question’ whether adequate activities have relocated into the EU and whether relocated firms are autonomous and independent – suggesting substance and governance in EU entities may need to be further enhanced. The review also concluded that none of the assessed regulators had performed a comprehensive review of delegation arrangements. Separately, in a letter to fund management companies, the Central Bank of Ireland concluded that there is ‘more work to be done’ regarding substance and resources.
Matters to be finalised under the AIFMD review process include potential notifications to regulators regarding delegated activity, justifying delegation based on objective reasons, minimum substance requirements and regular ESMA peer reviews. Asset managers will need to continue to monitor developments.
Fund marketing and distribution
In the UK, the Overseas Fund Regime is yet to be fully operationalised. Parts of the framework have been introduced into UK law, but more work is needed to activate the regime and complete any equivalence determinations. The FCA was due to consult on changes to its handbook in 2022, but this has yet to be taken forward. The details of the regime will determine the conditions and requirements under which equivalent funds can market in the UK – for example, whether they need to perform an assessment of value, or whether they would be able to make use of a sustainable label in certain circumstances (see Delivering ESG and Sustainable Finance). In the meantime, EU funds already registered under the FCA’s Temporary Marketing Permissions Regime can continue to access the UK market. The FCA has clarified that these funds will need to continue to produce disclosures for UK investors in the current format, even though the EU’s UCITS disclosure requirements changed in January 2023.
Regulated markets and clearing
The European Commission has extended equivalence for UK central counterparties (CCPs) until June 2025. However, in December 2022, in reaction to the continued dominance of UK CCPs in European clearing, the Commission proposed to amend EMIR (via EMIR 3.0) to require all EU market participants to hold active accounts at EU CCPs for clearing at least a portion of certain systemic derivatives contracts. ESMA will be tasked with specifying the level of clearing to be done through EU accounts. The proposal also simplifies the procedures in EMIR for EU CCPs to follow when launching new products and changing risk models, aiming to make EU CCPs more attractive. Clearing members are concerned that the proposal to have mandatory EU CCP active accounts will cause splitting of books that will lead to a loss of netting benefits and efficiencies which will generate additional costs for market participants.
The BoE has confirmed its approach (under on-shored EMIR) to ‘tiering’ non-UK CCPs based on the level of risk they could pose to UK financial stability, with Tier 2 CCPs subject to direct UK supervision and regulation. However, even Tier 2 CCPs can apply for specific regulatory provisions to be granted ‘comparable compliance’, with the UK then deferring its supervision in these areas to the CCPs’ home authorities. The BoE is currently working with HMT to provide advice on granting equivalence decisions to the relevant jurisdictions and has also begun discussions with overseas authorities on the necessary Memorandums of Understanding (MoUs) to support recognition.
Cross-border services
Proposals to reform the EU banking prudential framework (under CRR and CRD) could potentially impact non-EU firms doing business in the EU. In a bid to harmonise national requirements at EU level, the new framework under CRD6 would tier third country branches (TCBs) based on their size and impose new obligations for authorisation, minimum regulatory and reporting requirements and supervision. All existing TCBs would require reauthorisation – a 12 month transitional period following the 18 month transposition period for CRD6 is proposed.
More broadly, in the absence of equivalence, firms remain reliant on national regulators’ individual cross-border access regimes for professional clients. This requires firms having a detailed understanding of arrangements in specific member states. Authorities are looking to understand better the role of certain practices (such as reverse solicitation in the EU), and EU supervisors continue to review whether EU entities have sufficient “substance” (see “Delegation of Portfolio Management” regarding the findings of ESMA’s assessment of the Brexit relocation process).
For EU firms providing services in the UK, the Temporary Permissions Regime will close at the end of 2023 and all firms should have submitted applications for authorisation by the end of 2022. Firms that did not submit an application for authorisation or subsequently withdrew their application will have entered the Financial Services Contracts Regime, allowing them up to 15 years to run-off existing contracts of insurance and five years for all other contracts. In the case of CCPs, the BoE Temporary Recognition Regime has now been extended until 31 December 2024.
Reinforcing governance
expectations
Supervisors continue to reinforce the need for good corporate governance. This is particularly heightened since the widespread move to hybrid and remote working, which changed firms’ practices and introduced new challenges to both governance frameworks and operations.
Good governance enables the clear identification of fit and proper senior managers, supports the performance of their roles and responsibilities and allows them to be held accountable. Regulators are therefore re-asserting the importance of robust governance arrangements in the interests of both market stability and investor protection.
Regulators are increasingly recognising that good diversity, equity and inclusion (DEI) practices reduce risk for regulated firms by reducing groupthink, creating a stronger alignment between the firm’s employees (at all levels) and the customers they serve. Regulators are calling out pay gaps and lack of diversity among firms’ boards and senior management. They are also focused on helping firms recognise the interconnectedness of accountability, culture, DEI and, when coupled with effective corporate governance, the transformative effect it can have.
The significant volume of new ESG requirements and developments in digital finance will require boards to implement and oversee robust regulatory transformation programs with clear designation of accountability across all three lines of defence.
Most governance arrangements are well established. The incremental change is attributable to the increase in volume of communications relating to diversity, equity and inclusion. New purpose rules are expected in the short to medium term – which are anticipated to drive significant change.
Culture
There is a growing recognition of the powerful roles that culture can play in a firm. Regulators are identifying that, in many instances of poor conduct, deep-set cultural issues have been present and that firms with healthy cultures are less prone to misconduct. An assessment of culture, coupled with other regulatory initiatives can give deeper insights into whether firms operate and are governed in line with regulatory and wider societal expectations.
Read more
Accountability
Initially driven by a response to the 2008/2009 financial crisis, a number of regulators, starting in the banking sector, implemented regimes that required firms to allocate accountability for senior management functions to specific individuals. The rationale was two-fold: to drive up standards within firms as individuals take greater ownership and to simplify supervisory/enforcement action by regulators where individuals are dishonest and/or negligent. These regimes are now expanding in scope across financial services and being introduced in more jurisdictions.
Read more
Oversight, including AML/CFT controls
Oversight of a firm’s business and regulated activities by its Board remains a key regulatory theme, particularly since the widespread shift to hybrid and remote working. As noted in Strengthening Operational Resilience, third-party risk management remains important. In the WAM sector, supervisors are also scrutinising fund governance arrangements and associated oversight capabilities. Focus is needed to ensure adequate oversight of AML controls especially as supervision and regulation in this area continues to be strengthen.
Read more
Diversity, Equity & Inclusion (DEI)
Regulators are increasingly recognising that good DEI practices reduce risk for regulated firms by reducing groupthink. Following the lead of regulators such as the Central Bank of Ireland, the UK regulators (the FCA, PRA and BoE) are now seeking to accelerate the pace of meaningful change on diversity and inclusion across sectors.
Read more
Considerations for firms
- Are our existing governance arrangements keeping pace with regulators’ evolving expectations and incoming requirements?
- Do we continue to have adequate oversight of AML controls?
Culture
Although regulators do not prescribe what a firm’s culture should be exactly, supervisors view poor culture as a driver of harm. In response, they are aiming to address poor conduct and culture through day-to-day supervision (as seen in some of the FCA’s portfolio letters) as well as through newer, broader proposals. In the UK, the FCA’s proposed Consumer Duty seeks to bring about a more consumer-focused approach with outcomes that set expectations for firms’ cultures and behaviours. The culture and ethics within firms also continue to feature in the work programmes of EIOPA, EBA and ESMA. The proposed EU Corporate Sustainability Due Diligence Directive will establish a duty to identify, bring to an end, prevent, mitigate and account for negative human rights and environmental impacts in a company’s own operations, its subsidiaries and its value chains. It will also introduce duties for directors of in-scope EU companies, including setting up and overseeing the implementation of due diligence processes and integrating due diligence into corporate strategy.
Accountability
As part of the Edinburgh Reforms the UK Government is calling for evidence on the Senior Management and Certification Regime effectiveness, scope, proportionality and potential improvements. This is alongside a PRA and FCA review of the framework. Meanwhile, HMT and regulators are expanding the scope of the SM&CR to CCPs and CSDs and considering whether to expand it further to credit rating agencies and exchanges. The regulators consistently assign relevant senior managers to be responsible for remediation work in their Dear CEO letters and have called out the SM&CR as a way of possibly regulating the use of AI – showing their continued focus on full implementation and use of the regime.
In the EU, the ECB is showing an increased focus on ‘fit and proper’ assessments of senior managers and the EBA and ESMA have updated their joint guidelines on the assessment of the suitability of members of the management body and key function holders.
Other jurisdictions are taking forward the implementation of their accountability regimes with developments in Ireland, Singapore, Australia and Hong Kong, SAR (China). Firms working across these jurisdictions face challenges in mapping the interaction and overlaps in their governance structures.
Oversight, including AML/CFT controls
Remote and hybrid working continues to offer opportunities and challenges for firms. Similarly, supervisors’ expectations are also evolving in this context. The FCA has published general expectations for how firms should operate their business and engage with the FCA and for notification requirements in the context of hybrid working. More specifically, the regulator has set out explicit expectations regarding market abuse controls. In the WAM sector, regulators continue to scrutinise fund governance and oversight. For example, in both the UK and the EU, regulators have reviewed the capabilities of third-party fund management companies and investment managers.
There continue to be a number of fines against firms that have failed to have adequate oversight of anti-money laundering (AML) systems and controls, indicating that some firms have more to do to fully embed internal controls. However, regulations also continue to develop.
In the EU, negotiations have reached trilogue stage on the AML/CFT Regulation and the sixth AML directive. This package of rules will establish a new AML Authority and enlarge and strengthen the existing framework. This will include extending AML/CFT rules to the crypto-asset sector, in particular implementing the FATF ‘travel rule’ which brings the transparency required in crypto-asset transfers in line with wire transfers.
In the UK, changes to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs) took effect. These included the requirement to report ‘material’ discrepancies in beneficial ownership information at all stages of the customer lifecycle and the UK’s implementation of the FATF travel rule. The introduction of the Economic Crime and Corporate Transparency Bill to Parliament means further regulatory reforms are coming too.
Diversity, Equity & Inclusion (DEI)
To further advance this important topic, the FCA, PRA and Bank of England will publish a consultation paper shortly on improving diversity and inclusion in regulated firms. The FCA has cautioned that firms that do not embrace diversity of thought will struggle to serve the needs of a diverse customer base and manage risks effectively. The FCA also published findings of a multi-firm diversity and inclusion review to give a picture of the current state of the UK D&I position, to encourage further industry action and to inform the future supervisory approach to D&I.
In the EU, the ECB has consulted on revising its guide to fit and proper assessments and published an updated document that includes taking gender diversity into account as an element of collective suitability.
In its roadmap for this year, the IAIS highlighted its intention to continue work to help insurance supervisors further understand the benefits of DEI and the connection between promoting DEI and their supervisory mandates. Similarly, as set out in its 2023 work programme, ESMA will work on ways to further strengthen its approach to diversity and inclusion, through a variety of initiatives aimed at fostering a culture where diversity is regarded as a source of enrichment, innovation and creativity, and where inclusion is promoted by managers and all staff.
