Financial Services Group - Grant Thornton UK LLP€¦ · the outcome, financial institutions will welcome the relative certainty that will come with the conclusion of negotiations

Financial Services Group

Regulatory handbook 2018-19

Contents

Introduction 3Brexit to dominate FCA’s regulatory agenda 5Brexit: no end in sight 9An uncertain horizon for financial crime regulation 12Establishing an equilibrium between innovation and regulation 15Secure and effective use of data will define institutions’ long-term success 18

Cross-financial services 21Fifth Anti-Money Laundering Directive 22Part 8 of the Policing and Crime Act 2017 24Bribery Act 2010 26The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 27Criminal Finances Act 2017 29Revised Wire Transfer Regulation 31Market Abuse Regulation 32Client Assets Regime 34Markets in Financial Instruments Directive II 36Regulation on a pan-European Personal Pension Product 38General Data Protection Regulation 40Securities Financing Transactions Regulation 41Senior Managers and Certification Regime 43European Market Infrastructure Regulation 45Capital Requirements Directive IV 47Capital Requirements Regulation II and Capital Requirements Directive V 49

Banking 51Banking: Key regulatory developments 52Bank Recovery and Resolution Directive 53Bank Recovery and Resolution Directive II 55Mortgage Credit Directive 57Payment Accounts Directive 59Revised Directive on Payment Services in the Internal Market 61International Financial Reporting Standards 9 63Benchmarks Regulation 64Central Securities Depository Regulation 66

Asset management 68Asset management: Key regulatory developments 69European Long-term Investment Funds Regulation 71Money Market Funds Regulation 73Alternative Investment Fund Managers Directive 75EU prudential framework for investment firms 77Regulation on key information documents for PRIIPs 79European Social Entrepreneurship Funds Regulation and European Venture Capital Funds Regulation 81Undertakings for Collective Investment in Transferable Securities Directive V 83Undertakings for Collective Investment in Transferable Securities Directive VI 85Cross-border distribution of collective investment funds 87

Insurance 89Insurance: Key regulatory developments 90Insurance Distribution Directive 91Solvency II 93International Financial Reporting Standards 17 95

Glossary 96Financial services team 97

The multifaceted nature of the regulatory landscape continues to present financial institutions with both traditional and new challenges. This past year has been characterised by heavy regulatory implementation. Our clients now have to comply with an extensive range of new rules, including MiFID II, the PRIIPs Regulation, the MMF Regulation and the GDPR, among others. Furthermore, mounting geopolitical instability, typified by protracted Brexit negotiations and increasing protectionism further threaten the fragile post-financial crisis regulatory convergence and may hinder the deployment of centralised responses to regulation.

Sandy KumarHead of Financial ServicesT +44 (0)20 7865 2193 E [email protected]

Introduction“I’m delighted to share our Financial Services Regulatory Handbook. This is the fourth edition of a publication which has received warm welcome from both our clients and colleagues. The ability to simplify the regulatory landscape and clearly understand obligations continues to be one of the greatest challenges for financial institutions. While we believe the pace of regulatory change will be less frenetic than in previous years, 2019 will be dominated by the uncertainty emanating from the Brexit negotiations.”

3

Introduction

Unsurprisingly, we expect the first half of next year to be dominated by the repercussions of the culmination of the Brexit process. Irrespective of the outcome, financial institutions will welcome the relative certainty that will come with the conclusion of negotiations. For the UK regulators, as stated in their annual business plans, the protection of customers and financial stability will remain a top priority. Brexit could represent an opportunity to bolster the UK position as a competitive centre for financial services and to consolidate its role at the forefront of the issuance of solid regulatory standards.

Our clients have endured a decade of relentless regulatory reform. Although this phase is far from over, it is safe to say that regulatory change has adopted a less frenetic pace. While most post-financial crisis directives have a review clause that expires in the next couple of years, future regulatory change will be focused on current thematic concerns, such as industry digitisation, resilience, disintermediation and the ever-changing needs of customers.

From an industry sector perspective, each has a different challenge to face.

Banking Prodigious progress in the implementation of the banking regulatory framework culminates in January 2019 with the ring-fencing deadline. We expect that the measures will reinforce the retail operations of UK banks. However, the effects of this uniquely British initiative on the revenue of banks’ wholesale operations remains uncertain.

Asset managementThe intensity of the regulatory agenda has not hindered rapid growth in the asset management industry. Indeed, the sheer growth of assets under management since the end of the financial crisis has attracted regulators’ attention. Now that the post-crisis reform of the banking sector is well under way, we expect asset managers to be covered under the ‘systemically important’ umbrella. The sector also faces the implementation of an EU prudential framework.

InsuranceInsurers have a complex year ahead. Two years after its implementation, the Solvency II regime is under review and the object of intense debate. Insurers expect that, post-Brexit, the PRA will consider reducing the risk margin. In addition, the IDD will come into force and, depending on a firm’s role and responsibilities in the value chain, it may need to make profound changes. To add to the challenge, the insurance version of the Senior Managers and Certification Regime will come into force in December 2019, replacing the Senior Insurance Managers Regime and moving insurers into line with the rest of the financial services industry.

In summaryThis year, the greatest challenge for financial services firms will be to navigate the uncertainty emanating from the Brexit negotiations. Coping with the profound effects caused by the implementation of a wide range of regulatory initiatives will provide a constant drumbeat in the background. Despite the now typical cost pressures, we advocate the adoption of flexible structures as the best solution to adapt to change while managing risks effectively.

44

Brexit is, unsurprisingly, the prevailing theme of the FCA’s 2018-19 Business Plan, illustrating the importance of the role the regulator will play in delivering an orderly withdrawal from the EU. Additionally, the Business Plan focuses on a number of new regulatory priorities: long-term savings, pensions and intergenerational differences, and the high cost of credit.

Jonathan SperrinPartner – AdvisoryT +44 (0)20 7728 2561 E [email protected]

Brexit to dominate FCA’s regulatory agenda “We were expecting the FCA to focus

its efforts on the UK’s withdrawal from the EU, as is the case. The regulator has a challenging year ahead to ensure the focus on Brexit does not impact the protection of customers. Beyond Brexit, we believe that consolidating the UK’s standing as a global fintech and regtech hub is crucial. Accordingly, we welcome the FCA’s decision to extend the sandbox project globally.”

FCA Business Plan

5

In addition to its new regulatory priorities, the FCA will continue to focus on reinforcing a range of existing areas of interest that include: firms’ culture and governance; financial crime and anti-money laundering; data security, resilience and outsourcing; innovation, big data, technology and competition; and the treatment of existing customers.

The FCA has, on numerous occasions, drawn attention to the risks associated with EU withdrawal, both for itself and the firms it regulates. Accordingly, the regulator is planning to support the government with the negotiations, provide technical advice on new legislation, assess the effect of any transitional agreements and continue to work closely with the Bank of England in areas of joint responsibility.

BrexitAndrew Bailey, FCA Chief Executive, stated that, at such a critical time, it is “even more important that the UK markets remain visibly clean, fair and reliable”. In our view, the onset of EU withdrawal has cast the role of the FCA into the international regulatory spotlight. Accordingly, the FCA will dedicate and, in some cases, redistribute significant funds to Brexit preparations and keep its EU withdrawal priorities and resources under permanent review. We encourage financial services firms to adopt a similar approach until the outcome of the ongoing negotiations delivers greater certainty.

Indeed, March 2019 will not mark the end of the FCA’s focus on EU withdrawal. While most of the building blocks of the post-Brexit regime will continue to fall into place over the course of 2019, the FCA’s activities will extend beyond this. For that reason, we assert that regulated firms must maintain a similar level of agility to account for prospective revisions, amendments or restructuring of regulatory frameworks.

Firms’ governance2018 will be an important year on the governance front. The Senior Managers and Certification Regime (SMCR) will extend to insurers from 10 December 2018 (replacing the current Senior Insurance Managers Regime). Additionally, the rules will apply to solo regulated firms from December 2019. As our experience in the banking sector testifies, an early start is essential for the successful implementation of the certification regime, given the level and complexity of engagement necessary across organisations. Firms are encouraged to start thinking about the change necessary to comply.

FCA Business Plan

6

Financial crimeFinancial crime has been a recurring theme in the FCA’s Business Plans over previous years. The regulator is supporting the use of innovative technology solutions (fintech and regtech) to enhance financial crime controls and risk assessment. In particular, it will look at capital markets, where the 2017 national risk assessment pointed to the increasing threats posed by money laundering and terrorist financing activities. Indeed, the benefits of many new technologies reach further than traditional technology imperatives of automation and cost efficiency. The ability of fintech solutions to interrogate vast quantities of data from multiple dimensions lends a whole new perspective to regulatory assessments, particularly in the case of transaction monitoring.

The 2018-19 Business Plan is particularly focused on pensions. It is not surprising, therefore, that the regulator has used this opportunity to announce that it will work with the Pensions Regulator to launch an awareness campaign, ScamSmart, aimed at preventing fraud and scams.

Finally, as uncertainty prevails on the Brexit front, firms will have to await further communications on the implementation of AMLD5.

Data security, resilience and outsourcingRecent incidents have raised the profile of operational resilience, within the banking sector in particular. This reinforces the FCA’s desire to reduce disruption to critical services and reinforce data security. The FCA plans to strengthen the supervision of ‘high impact’ firms at the same time as it increases the regulatory scrutiny of ‘lower impact’ players. This means that all firms will have to establish a framework to monitor the operational resilience of their systems and ensure they have adequate reporting regulatory channels. For many, this will require significant mapping exercises and, potentially, a reappraisal of their approach to outsourcing.

Data security and integrity remain a major area of focus across the board. The onset of Open Banking and the implementation of the GDPR highlight the FCA’s focus on customer data and its desire that consumers play a more active role in the ownership and use of their data profiles. Furthermore, as the use of third parties to manage risk and critical services becomes more prevalent, so does the FCA’s supervision of this area. Accordingly, financial institutions will be expected to provide absolute transparency around these relationships and the manner in which institutional and systemic risk will be managed.

FCA Business Plan

7

Innovation, big data, technology and competitionThe FCA is a strong advocate of innovation and the use of financial and regulatory technologies, as demonstrated by the global regulatory sandbox project and the implementation of regtech to achieve reporting and oversight efficiencies. While technology continues to play a crucial role in promoting competition, this is inevitably accompanied by emerging risks that require effective monitoring and management. Firms using new technologies must be able to demonstrate they have implemented robust controls to avoid customer detriment. Firms offering cryptocurrencies must be prepared for their inclusion within the FCA perimeter.

Treatment of existing customersThe FCA’s focus on the treatment of existing customers is not new but it has shifted from the life insurance sector to general insurance and retail banks. General insurers and retail banks must review their pricing frameworks and prepare for intense regulatory scrutiny – especially given the regulator sees existing customers’ treatment as a strong indicator of a firm’s culture.

Long-term savings, pensions and intergenerational differencesThe changes to pension freedoms and auto-enrolment, introduced in recent years, mean that consumers must take greater responsibility for their long-term financial security options. The FCA is unsatisfied with the way certain firms have responded to the pensions reforms. The regulator is particularly concerned with the quality of the advice and the information consumers receive; as a result, it is considering heavy intervention in areas such as pension transfers. Firms must be ready to demonstrate that they are serving customers’ interests and, given the regulator’s determination to intervene, proactive remediation programmes are advisable.

High cost of creditThe FCA’s focus on the high cost of credit is directly linked to its revised definition of ‘vulnerability’. The regulator has stated that there is not one factor to assess vulnerability and that it can arise at any time depending on an individual’s life and circumstances. Firms are expected to use new technologies to pick up behavioural patterns related to vulnerability.

Aside from the specific vulnerability question, the FCA more generally has adopted an interventionist approach in this market. Firms with inadequate or opaque pricing structures will be under regulatory scrutiny.

FCA Business Plan

8

The UK Parliament’s failure to approve the withdrawal agreement negotiated with the EU resulted in an extension of Article 50. The terms of the extension granted on 11 April provide that the UK does not need to leave the EU until 31 October 2019 as long as it takes part in the European Parliament elections. If a deal is ratified before the new exit day, the UK could leave on the first day of the month following such ratification.

The extension of the Brexit deadline has eliminated the immediate risk of leaving the EU without a deal; however, the existing political uncertainty means that there is no clear solution for the Brexit impasse

Paul GarbuttPartner - AdvisoryT +44 (0)20 7865 2170 E [email protected]

Dana WardPartner - TaxT +44 (0)20 7728 3316 E [email protected]

Brexit: no end in sight “The UK could take this opportunity to update the rules that are not entirely aligned to its regulatory objectives and reinforce its position as a competitive centre for financial services.”

Brexit

9

Key dates

23–26 May 2019

European Parliament elections

20–21 June 2019

EU summit

2 July 2019

First sitting of the new European Parliament

17–18 October 2019

Last meeting of the European Council before Brexit day

November 2019

Special summit. Trade and future relations talks begin

31 October 2019

Brexit Day – extension deadline

31 December 2020

End of the transition period (if the withdrawal agreement is ratified)

1 January 2021

Agreement on future relations expected to enter into force.

What is the deal?In November 2018, the UK and the EU reached an agreement on the text of the withdrawal agreement. Simultaneously, they agreed on the text of a political declaration on the future relationship, which included commitments relating to financial services. The declaration covered matters such as preserving financial stability and market integrity, as well as investor and consumer protection. The parties proposed a close and structured cooperation on regulatory and supervisory matters. However, the text stated that the UK and EU would only start assessing the equivalence of each other’s regulatory and supervisory regimes post-Brexit.

While these commitments were received positively, the lack of tangible alternatives to the current passporting regime, on which many financial institutions currently rely to conduct cross-border business from the UK, caused concern.

Brexit

The withdrawal agreement also contains provisions on transitional arrangements to bridge the period between the date on which the UK leaves the EU and the date on which any future relationship agreement comes into force. If approved by the UK Parliament, the transition will start on exit day and end on 31 December 2020. During this period, the UK will retain full access to the EU single market and therefore, unless otherwise provided, EU law will be ‘applicable to and in’ the UK. However, the UK will have no influence upon the development or modification of these laws.

The UK Parliament has rejected the current withdrawal agreement on three occasions resulting in cross-party negotiations. Inter and intra party fractions make the likelihood of the current deal passing slim, despite a resolute stance from the EU, who insists the existing deal is not open for renegotiation

No deal?The latest extension does not prevent the UK from leaving the EU without a deal. It is unclear what would happen if the UK fails to approve the withdrawal agreement before the 31 October. One of the options is for the financial services sector to be regulated by World Trade Organisation rules. These rules, and in particular the General Agreement on Trade in Services, are only a framework within which governments operate when determining the access rights they are prepared to afford foreign services suppliers.

The continued uncertainty prompted UK firms that conduct business in EU Member States to consider relocating some or all of their operations to the EU to retain access to this clientele post-Brexit. Despite this operational restructuring, authorities have drawn attention to the possible lack of preparedness of many firms, should the UK leave without a deal.

An area of particular concern is the effect that a no-deal Brexit could have on cross-border contracts. According to the Bank of England, approximately six million UK insurance policyholders and 30 million EEA insurance policyholders could be affected. While EIOPA has issued recommendations on how to treat insurance cross-border contracts in the event of no deal, by the time the guidance was issued a significant proportion of EU27 countries had already issued their own guidelines. The disparity between which could pose a potential issue for UK insurers.

10

The PRA and the FCA have launched a temporary permissions regime to ensure that EU firms carrying out business in the UK will be able to continue to operate if the deal is not approved. The deadline to apply for temporary permission has been amended twice in accordance with the extensions of deadline to leave the EU. For those firms that do not fall within the scope of the temporary permissions regime, the FCA has established the financial services contracts regime. This mechanism allows for the run-off of existing contracts which will ensure an orderly exit from the UK market. These solutions have provided a certain degree of certainty to EU firms operating in the UK. However, they have seldom been replicated by EU27 countries.

The European (Withdrawal) Act 2018 gives the government the power to make statutory instruments directly converting the entirety of the acquis communautaire into UK law. Accordingly, the FCA and PRA have made substantial changes to their handbook and rulebook. Given the extent of the modifications, firms have been granted a period of 15 months (from exit day) to comply with them. Additionally, the Treasury has published legislation to give the UK financial regulators powers to make transitional provisions connected to changes to financial services legislation. These powers will be particularly useful to ensure regulated entities can continue to comply with their regulatory obligations as they did before exit day in case the UK leaves without a deal.

Another area of concern for firms is whether they will need to comply with EU legislation currently in the pipeline (ie AMLD5, CRD V, CRR II or BRRD II). Until regulators indicate otherwise, financial services firms must follow EU law. Given the extension of Article 50 until 31 October 2019, if the UK ratifies the withdrawal agreement, these regulations are likely to come into force before the end of the transition period. Should the transition period not materialise, we believe the UK is likely to adopt similar provisions in a quest to enhance future equivalence. However, the UK could also take this opportunity to update rules that are not entirely aligned to its regulatory objectives.

UK regulators have stated that the protection of customers and financial stability remain key priorities. While the industry has suffered from the endless uncertainty that has surrounded the exit process, Brexit could represent an opportunity to bolster the UK’s position as a competitive center of excellence for financial services while consolidating its role at the forefront of the issuance of solid regulatory standards.

No Brexit?The UK Parliament has twice rejected the possibility of leaving the EU without a deal. If a deal cannot be agreed before 31 October, the Parliament could consider revoking Article 50. In December 2018, the Court of Justice of the European Union confirmed that a member state could unilaterally revoke its notification under Article 50 in accordance with its own constitutional requirements. The withdrawal of the notification must be unequivocal and unconditional. In theory, a vote in the House of Commons would suffice; nevertheless, a second referendum may be a pre requisite.

Brexit planningWhile most firms are likely to have completed their preparations for a no deal scenario, the extension provides an invaluable opportunity to finalise any remaining open issues or consider options that were discarded due to time constraints. In any case, firms will continue to monitor political and regulatory developments closely. Ensuring that Brexit teams are prepared to resume their activities at short notice seems prudent, particularly in light of the highly volatile political environment.

Brexit

11

Financial crime

Financial crime prevention remains a priority focus for both UK regulators and financial services firms, with various new rules becoming applicable through 2018 and 2019. Meanwhile, legislators continue to grapple with challenging policy decisions that will set precedents and shape the future for compliance and enforcement.

An uncertain horizon for financial crime regulation “Financial crime prevention

remains a priority for both UK regulators and financial services firms. Organisations will be closely monitoring Brexit negotiations to inform their responses to any prospective changes to financial crime regulation coming from the EU, particularly AMLD5. In the next 18 months, we anticipate significant developments in the use of technology to detect suspicious transactions more swiftly supported by enhanced cross-border co-operation.”Tom TownsonPartner – AdvisoryT +44 (0)20 7865 2175 E [email protected]

12

Financial crime

FATF’s verdictThe Financial Action Task Force (FATF) hasn’t had a particularly high profile in the UK in recent years but it is highly influential on EU country risk ratings and, following Brexit, will provide the main international technical standards for UK rule-making.

The FATF completed its fieldwork on its latest ‘mutual evaluation’ of the UK’s anti-money laundering (AML) and counter-terrorist financing (CTF) regime in March 2018 and is expected to hold a plenary discussion on the results in October 2018. The latest assessment highlighted London’s role as a centre for international money laundering. Another poor score in October could have a material impact on discussions with the EU about regulatory equivalence, as well as setting the scene for additional UK regulation.

The government’s main tool for responding to the FATF is the sanctions and Anti-Money Laundering Act 2018. As well as enabling the UK to maintain an effective independent sanctions regime upon withdrawal from the EU, the Act allows ministers to ‘clone’ the 2017 Money Laundering Regulations and to pass new regulations on the full scope of AML/CTF in response to FATF commentary.

of the USD 2.4 trillion laundered through international financial systems is frozen or confiscated by law enforcement1%

80%of fraud losses are conducted through payment card fraud

9573 6457 7464 4744

The amount banks have paid in fines and settlements since 2008 exceeds

USD 321 billion

The World Bank estimates over

USD 1 trillionis paid in bribes every year – the cost of corruption is estimated to be 2% of global GDP

13

Financial crime

Brexit and the Fifth Anti-Money Laundering DirectiveThe Fifth EU Anti-Money Laundering Directive (AMLD5) has been approved by European legislators. This initiates a process that includes the transposition of the Directive into national legislation – due 18 months from the effective date – and also the setting up of extended registers of beneficial ownership data, due to be interconnected via the European Common Platform within 32 months of the effective date.

Technically, the UK will still be a member of the EU at the transposition deadline, thus will be bound by AMLD5. Whether AMLD5 will be transposed into UK law, post-Brexit, remains unclear, as does the question of access to European data registers. However, using the regulatory powers in the Sanctions and Anti-Money Laundering Act 2018 would allow ministers to replicate essential aspects of the legislation, maximising the UK’s chances of achieving ‘super equivalence’ post-Brexit.

Managing global and local risksThe UK updated its national risk assessment in October 2017. While regulators struggle to find the right practical approach to issues such as virtual currencies, the approach to some global risks is clear: increase transparency and it will be harder for criminals to hide. This belief is behind both the new registers in AMLD5 and the UK’s recently published plans for a register of overseas owners of UK property.

UK supervisors will expect to see the commitment to transparency evidenced in updated firm-level risk assessments, due to be completed this year. More importantly, regulators are particularly interested in firms’ behaviours, which will need to be evidenced by proactive remediation of known issues or by updating internal policies to make sure they match regulatory standards.

Other recent or upcoming legislation will also start to have a more concrete effect, including updates to the FCA’s Financial Crime Guide related to the 2016 Market Abuse Regulation and the impact of the General Data Protection Regulation on firms’ data retention and destruction policies for due diligence.

Remaining compliantTo cope, firms must stay focused. The general direction of travel – a flexible risk-based approach, increasing corporate responsibility and transparency – will remain the same in a post-Brexit environment. Areas of overlap in terms of risks and information offer firms an opportunity to seek genuine efficiencies in compliance. Understanding of the overall financial crime data set and investing in intelligent technology solutions will help to keep costs down. Most important will be maintaining the right skills to know when human judgement is essential to getting the right outcome.

14

The use of technology in financial services (fintech) and, in particular, its use for regulatory compliance purposes (regtech) is now commonplace within financial services. Indeed, while many such businesses like to champion the disruptive nature of their capability offerings, the reality is that they are now an integral part of the financial services infrastructure. Tellingly, the influence of fintech and regtech firms now extends significantly beyond the traditional use cases of anti-money laundering, identification and verification, onboarding, payments and customer experience. These technologies now transcend customer, product and operational processes. Regulators around the world have been keen to recognise and support the merits of fintech and regtech, particularly in areas of focus such as enhancing competition and financial inclusion.

Establishing an equilibrium between innovation and regulation

Fintech

“The use of fintech and regtech now transcend customer, product and operational processes, and effective regulation of the sector has never been more relevant. Regulators must find a dynamic equilibrium to encourage growth and foster innovation, while ensuring financial stability and safeguarding the consumer.”

David RoylePartner – Advisory T +44 (0)20 7865 2834 E [email protected]

15

The optimal regulation of the sector has never been more relevant. Regulators must find an adequate equilibrium to encourage growth and foster innovation, while ensuring financial stability and safeguarding consumers. When we refer to fintech regulation it is important to specify that it is not the technology that needs to be regulated, but rather the activities for which it is used. This is where the complexity lies. Naturally, no international regulations apply to fintech companies and the approach regulators have adopted around the world varies widely. Some policymakers have decided to regulate fintech using existing national frameworks; others have crafted tailored regulations for the sector. Some jurisdictions, such as the United Kingdom, have introduced an innovative approach – the regulatory sandbox.

EU regulationAs yet, there is no unified legislation to regulate fintech in the EU. This is principally due to the diverse nature of fintech businesses. Instead, the European Commission has created a fintech action plan, comprising 19 individual initiatives. The Commission wants to avoid introducing overly prescriptive regulation that could affect the pace of innovation; however, it is aware that if it did not intervene, EU financial providers could be disadvantaged. Nevertheless, the Commission must ensure that key risks relating to consumer protection (eg initial coin offerings) and to financial stability (eg cyber security) are identified and addressed. One of the Commission’s key policymaking principles is that it should remain technology neutral. This means that regulatory requirements must not govern specific types of technology, only the activities they facilitate and the firms carrying out these activities.

Fintech

Since 2012, London fintech companies have attracted more venture capital money (USD 3.49 billion) than Amsterdam, Berlin, Frankfurt and Paris combined

USD 3.49 billion London

BerlinUSD 32 million

ParisUSD 32 million

AmsterdamUSD 98 million

FrankfurtUSD 34 million

16

Artificial intelligence is expected to drive

95%of all customer interactions in 2025

By 2025,

10%of GDP will be stored on blockchains or blockchain-related technology

77%of Europeans use their mobiles to keep track of their finances

Other regulatory approachesOther countries, such as Switzerland, have introduced specific licences for fintech platforms. This licensing regime gives the Swiss Financial Market Supervisory Authority the opportunity to individually analyse fintech firms and tailor the regulation depending on the activities they carry out. In certain cases, the companies must obtain a licence to operate; in others, the regulator simply asks the company to fulfil certain requirements to operate in the market.

UK regulatory regimeUK regulators are often referred to as one of the key enablers of London’s position as a global fintech leader. In 2015, the FCA launched the regulatory sandbox. The sandbox is a ‘safe space’ where companies can test different financial services innovations in a live environment with consumer protection in place but without the full burden of regulation. If the product or service fails to comply in the test environment, there are no consequences for innovators. Additionally, the FCA offers a number of services to the companies using the sandbox. These include: providing feedback on their products and services, answering regulatory queries or conducting TechSprints to encourage innovation. This collaborative approach provides regulators with an invaluable source of information.

We have witnessed instances in which regulatory directives have driven significant fintech development, such as MiFID II data requirements increasing the prominence of a raft of data analytics engines. This year, the GDPR, AMLD5 and PSD2, in our estimation, will likely continue this trend. Working with regulators via the sandbox and other initiatives is crucial both to gaining regulatory confidence and validating the effectiveness of prospective solutions, thus safeguarding financial stability.

Fintech

17

Data remains at the heart of international, regional and national regulatory agendas. While the accuracy and integrity of data have long been pivotal in demonstrating and reporting compliance, various new security-specific regulations have upped the ante. Accordingly, firms will find themselves increasingly compelled to adopt a holistic approach to compliance that will encompass data access and management, as well as data security. Below, we summarise some of the key areas of impact in the near future.

Secure and effective use of data will define institutions’ long-term success

Open Banking and data

“We believe that the banking sector is undergoing the customer-centric revolution that other industries have already experienced. PSD2, in our view, will facilitate the acceleration of this process and encourage significant strides to be made in product innovation and greater inter-provider transparency that should also increase competition. Consumers’ data protection concerns represent potentially the greatest barrier to progress. The successful management of impending regulatory challenges surrounding financial crime and data protection will be crucial to the ongoing credibility of institutions targeting financial services.”

Manu SharmaPartner – Advisory T +44 (0)20 7865 2406 E [email protected] 18

Open BankingUshered in at the start of 2018 by a combination of the European Second Payment Services Directive (PSD2) and the UK-specific initiative from the Competition and Markets Authority, Open Banking exemplifies the importance of open data (or, simply put, access to data) in driving transparency and integrity within the financial services sector.

The PSD2 enables regulated third-party providers, with a customer’s consent, to access that customer’s bank account information and request payments. The benefits, from the perspective of customers and the market, are well documented: product innovation, increased competition and greater inter-provider transparency. Nevertheless, the impending regulatory challenges surrounding data privacy, data protection and legal liability are significant.

To date, progress has been incongruent. The increasing fluidity, sharing and changing state of data challenges the efficacy of traditional data security methods, such as perimeter approaches, firewalls and intrusion detection systems. Not only must financial institutions identify the correct tools and systems to protect the data for which they are responsible, they must also develop processes and governance to evidence ownership and accountability to demonstrate compliance, which in turn emphasises the need for more rigorous and transparent approaches to data management.


Data management and protectionJanuary brought about the implementation of three major regulations increasing the onus on enhanced management, protection, integrity and provision of data: MiFID II, the EU Benchmarks Regulation (BMR) and the Packaged Retail and Insurance-based Investment Products (PRIIPs) Regulation. In the cases of the BMR and the PRIIPs Regulation, the customer-centric nature of the requirements will prompt some firms to both review their existing product set and consider the use of third-party services to support production and distribution of information to customers.

Continuing the focus on customer centricity, the General Data Protection Regulation (GDPR) applies all-encompassing data privacy rules upon EU organisations holding customer data. Where MiFID II, the BMR and the PRIIPs Regulation major on the provision and integrity of information, the GDPR focuses on how firms treat the data they hold. In addition to proactively seeking the consent of individuals to process personal data, financial institutions must also destroy personal data when it no longer has a purpose. Accordingly, where consent is granted, firms must, on a recurring basis, appraise and manage personal data to understand what they hold and its purpose at any given point in time.

From a market perspective the Fundamental Review of the Trading Book will, arguably, place the most onerous demands on banks’ existing data infrastructures. This will require the use of advanced analytics to more frequently interrogate not only internal data, but also three different sources of external data, as part of banks’ capital calculations.

19


While such requirements have marked compliance-related implications, financial institutions will be determined to harness the data they hold, and to which they have access, to drive enhanced business decision-making and optimisation. Accordingly, the role of ‘big data’ and analytics within the financial ecosystem will continue to grow in influence, underpinned by solutions such as blockchain.

Big data and data governanceAs regulatory reporting demands escalate and are supplemented by protection and provision of information requirements, financial institutions are finding the merits of big data solutions increasingly compelling. Nevertheless, regulators are aware of the need for ownership and accountability where the use of advanced technologies and data solutions are concerned.

To address this, firms are beginning to concentrate on data governance and enhanced collaboration. Improved infrastructures and procedures are underpinned by more clearly defined roles and responsibilities within the decision-making process and traceable taxonomies and data quality standards.

Defining the scope and responsibilities of such roles is the first part of the jigsaw. Driving greater collaboration between accountable executives, namely CROs, CFOs, CIOs and CDOs, will further reinforce the integrity of data governance models and, in turn, engender enhanced trust from regulatory bodies.

20

Sandy KumarHead of Financial ServicesT +44 (0)20 7865 2193 E [email protected]

“We expect the first half of 2019 to be dominated by the repercussions of the Brexit process, before focus shifts to future concerns such as industry digitisation, resilience, disintermediation and the ever-changing needs of customers. Given the multi-dimensional nature of the regulatory landscape, we believe flexibility and agility will be crucial to adapt to change while managing risks effectively.”

Cross-financial servicesFifth Anti-Money Laundering Directive 22

Part 8 of the Policing and Crime Act 2017 24

Bribery Act 2010 26

The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 27

Criminal Finances Act 2017 29

Revised Wire Transfer Regulation 31

Market Abuse Regulation 32

Client Assets Regime 34

Markets in Financial Instruments Directive II 36

Regulation on a pan-European Personal Pension Product 38

General Data Protection Regulation 40

Securities Financing Transactions Regulation 41

Senior Managers and Certification Regime 43

European Market Infrastructure Regulation 45

Capital Requirements Directive IV 47

Capital Requirements Regulation II and Capital Requirements Directive V 49

21

In a nutshellThe Fifth Anti-Money Laundering Directive (AMLD5) amends the Fourth Anti-Money Laundering Directive (AMLD4) as part of the European Commission’s action plan to strengthen the fight against money laundering and terrorist financing. AMLD5 is a minimum harmonising directive. It was first drafted in 2016, prompted by increased terrorist threat levels in Europe, various scandals such as the Panama Papers and the impact of new technologies, such as virtual currencies. The main objectives of AMLD5 are to increase the effective flow of information between EU Member States, to improve the general transparency of financial transactions and legal entities, to close loopholes and to remove practical blockages to co-operation that have arisen since the enactment of AMLD4.

AMLD5 has been subject to intense political negotiations. The European Parliament adopted AMLD5 at first reading on 19 April 2018.

Fifth Anti-Money Laundering Directive

EU Cross-financial services

Enacted

10 January 2020

Transposition deadline

10 July 2020

Member States to apply Article 12(3) of AMLD4 relating to anonymous prepaid cards

10 September 2020

Deadline for establishing centralised automated mechanisms to identify holders of bank and payment accounts and safe-deposit boxes

Key dates

10 January 2019

AML and CTF supervisors and ECB to conclude an agreement for exchanging information

22

Core componentsScopeVirtual currencies, providers of exchange services and custodian wallet providers fall within the scope of AMLD5. Property lettings and art dealing transactions of EUR 10,000 or more will be regulated. All entities or individuals providing or intermediating on tax advice will also be covered by AMLD5.

Politically exposed persons (PEPs)AMLD5 widens the range of individuals to be treated as PEPs by requiring Member States to identify and list permitted public functions in their territories (including roles at international organisations).

Beneficial ownership informationAMLD5 requires that new central registers are set up at a national level for the beneficial owners of all trusts and similar legal arrangements, for bank account holders and for safe-deposit box holders.

Customer due diligence (CDD)AMLD5 reduces the exemptions from CDD. The upper limit for exempt transactions on anonymous prepaid cards falls to EUR 50, while the pre-loaded storage limit and transactions on exempt payment instruments drops to EUR 150 per month. Pre-paid cards issued outside of the EU must meet EU CDD requirements. Member States are required to ban anonymous safe-deposit boxes.

Risk-based approachAMLD5 maintains a risk-based approach while introducing more specific measures in relation to high-risk third countries, enhanced due diligence (EDD) and revised triggers for ongoing due diligence. In addition, AMLD5 requires Member States to prepare anti-money laundering (AML) and counter-terrorist financing (CTF) performance reports for the EU, detailing regime performance.

Competent authoritiesAMLD5 broadens and clarifies the definition of competent authorities, which will include any bodies involved in investigations or in the freezing and confiscation of assets, as well as those involved in supervision.

High-risk third countriesAMLD5 introduces additional EDD measures for counterparties from third countries identified as high risk by the EU. The EDD measures cover aspects such as the setting up and supervision of branches and the maintenance of correspondent banking arrangements.

Financial Intelligence Units (FIUs)FIUs receive further powers to proactively request, access and share data at both national and cross-border levels. AMLD5 also seeks to remove legal obstacles that have hampered data exchange and co-operation to date, such as the lack of equivalence in predicate offences.

InterconnectionAMLD5 sets ambitious timescales for the interconnection of national registers of beneficial ownership data for both corporates and trusts, via the European Common Platform. This must be complete within 32 months of AMLD5 coming into force.

Whether the UK will be subject to AMLD5 remains a point of contention. The effective date and the transposition deadline for the Directive are likely to fall within the Brexit transition period. This suggests that the UK would, technically, be bound by the Directive. However, how the regime will work in practice is yet to be defined.

AMLD5

23

In a nutshellPart 8 of the Policing and Crime Act 2017 (PCA) upgrades the scope and powers of the Office of Financial Sanctions Implementation (OFSI), the body set up by the Treasury to manage financial sanctions enforcement in the UK. This legislation is the result of rising international concern around the effectiveness of existing sanctions. It brings the UK’s enforcement approach into line with that of other, more forceful jurisdictions (for instance the Office of Foreign Assets Control in the USA).

Part 8 of the PCA harmonises and enhances criminal sentencing for contraventions of sanctions-related offences, as well as creating new powers to impose civil penalties, including monetary fines. OFSI is responsible for issuing guidance on how monetary penalties will be calculated and applied. OFSI guidance was updated in March 2018.

A number of the sanctions currently in place in the UK are either EU sanctions or UN sanctions enforced in the EU through direct regulation. In order to ensure the continuity of its existing sanctions regime through the Brexit process, the UK Parliament has passed the Sanctions and Anti-Money Laundering Act 2018. This gives the government the ability to issue regulations enforcing existing sanctions and imposing new sanctions where appropriate, including UN sanctions.

Part 8 of the Policing and Crime Act 2017

UK Cross-financial services

Enacted

24

Core componentsEnhanced criminal sanctions The maximum sentence for breaches of EU financial sanctions is uplifted to match that applying for UK sanctions and the EU terrorist asset-freezing regime: seven years on indictment, or six months (12 months in Scotland) on summary conviction.

Civil sanctions available • OFSI can impose monetary penalties or, where this is not

appropriate (for instance when it is not in the public interest to do so), it can issue an enforcement notice requiring improved compliance, or can refer entities or individuals to their relevant regulator

• A monetary penalty may be issued under law if OFSI is satisfied ‘on the balance of probabilities’ that the relevant person has breached or failed to comply with a sanctions-related obligation and the person knew, or had reasonable cause to suspect, that this was the case

• In practice, OFSI looks for additional evidence for a breach to meet its threshold for monetary penalties: that the breach has involved funds or economic resources being made directly available to the designated person, or that there has been deliberate circumvention, or that the person in the case has not complied with requirements to provide information to OFSI.

Calculation of monetary penalties• Where the overall value of funds or economic resources involved

can be estimated, the maximum penalty is GBP 1 million or 50 per cent of the estimated value, whichever is greater

• Where the value of funds or economic resources is not known, the maximum penalty is GBP 1 million

• OFSI may apply a discount to the maximum penalty to ensure any fine applied is proportional in relation to other cases. It will also consider other mitigating or aggravating factors, which can include: the behaviour and professional status of individuals concerned, the risk profile of the sector or business, the approach to disclosure and remedy and the overall impact of the breach.

Other remedies• Serious Crime Prevention Orders may now be issued against

defendants in respect of breaches of financial sanctions legislation

• Deferred prosecution agreements are available in cases where the individuals concerned co-operate with investigations and a lengthy and costly prosecution would not be in the public interest.

Continuity of implementation for UN sanctionsThe UK may make temporary regulations via statutory instruments to implement new UN sanctions in order to prevent asset flight while waiting for corresponding EU regulations.

PCA

25

In a nutshell The Bribery Act 2010 (the Act) defines and criminalises bribery, including the bribery of foreign public officials. It also creates a corporate offence of the failure of commercial organisations to prevent bribery. The Act has a broad extra-territorial reach and was enacted to ensure that the UK was compliant with the 1997 Organisation for Economic Co-operation and Development Anti-Bribery Convention. It is among the strictest legislation in the world in this area.

Bribery Act 2010Core componentsThe offence of briberyBribery is defined as one person offering another person a financial or other advantage, where this advantage is intended to induce or reward ‘improper’ performance of a function or activity. Whether or not this outcome is achieved is irrelevant – it is the intent that is significant.

Reciprocal offencesRequesting, agreeing to receive or accepting a bribe is also an offence. In these cases, whether or not the recipient (or other person carrying out the affected activity) knows that the requested action is improper is irrelevant.

Involvement of other partiesBribery can be indirect when the advantage is offered or requested through a third party, or where the recipient of the advantage may not be the individual who is expected to perform improperly.

Relevant functionsThese include: public functions, activities connected with a business or performed as part of employment or activities carried out by or on behalf of a body of persons, whether or not incorporated. These functions are in scope where the person performing the activity is expected to perform it impartially, or in good faith, or is in a position of trust due to its role.

Improper performanceThis is defined as an activity being performed in breach of relevant expectation, or failure to perform at all, where this constitutes a breach of relevant expectations. The test of ‘relevant expectation’ is defined as what a ‘reasonable person’ in the UK would expect in relation to a particular function.

Failure of commercial organisations to prevent briberyThis is a strict liability offence. When an associated person of a firm bribes a third party in order to retain business for the firm or gain an advantage of some sort for the firm, that firm is guilty unless it can prove that it had ‘adequate’ prevention procedures in place.

This corporate offence applies to all companies, partnerships and limited liability partnerships, whether incorporated in the UK or not, that carry on some business in the UK. It applies to the activities of these entities and their associated persons on a global basis. An individual associated with a firm is anyone performing services for or on behalf of the organisation, including an employee or an agent.

Penalties for this corporate offence include criminal prosecution and potentially unlimited fines. The Act also allows for deferred prosecution agreements. Firms are required to carry out regular documented assessments of their exposure to the risk of bribery and to have proportionate prevention procedures in place. This includes registers of gifts and hospitality offered and received.


Enacted

26

In a nutshellThe Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR17) transpose the Fourth Anti-Money Laundering Directive (AMLD4) into UK law. MLR17 repeals and replaces the Money Laundering Regulations 2007 and the Transfer of Funds (Information on the Payer) Regulations 2007. The introduction of a risk-based approach to customer due diligence (CDD) is the primary difference from previous regulations. The approved guidance relating to the implementation of MLR17 is provided by the Joint Money Laundering Steering Group.

The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017

Cross-financial services

EnactedUK

27

Core componentsScopeIn addition to those entities covered in the previous rules, gambling providers are now regulated and there are wider requirements for the disclosure of beneficial owners of trusts. Estate agents are regulated whether they are on the sale or purchase side of a transaction.

Limits and exemptionsThe maximum turnover under which persons engaging in occasional financial activity are exempt from the rules has risen from GBP 64,000 to GBP 100,000. The maximum transaction value for exempt high-value dealing has dropped to EUR 10,000.

Risk-based approachRegular risk assessments must be carried out at national, supervisor/sector and relevant person or entity level. The assessments must take into account relevant EU and Financial Action Task Force inputs and consider a range of risk factors (customer profile, geographic exposure, sector, etc). Risk assessments must be documented and must form the basis of all policies and procedures.

Politically exposed persons (PEPs)The definition of PEPs is broadened to include domestic PEPs (eg members of Parliament and other significant public offices).

Beneficial ownersTrusts are subject to stricter disclosure requirements for beneficial owners. The previous 25 per cent minimum holding threshold for disclosure has been removed. Additionally, a new central beneficial ownership register must be created for trusts with tax liabilities. The register is to be held by Her Majesty’s Revenue and Customs (HMRC). The deadline for registration was 31 January 2018.

Customer due diligenceSimplified due diligence is still an option, but the decision to apply it must be risk based and subject to ongoing assessment. Transactions and business relationships with counterparties in high-risk third countries and with PEPs will automatically require enhanced due diligence. Reliance on third parties for due diligence is still possible; however, it must be supported by clear arrangements for access to underlying documentation.

Responsibility and oversightLarge or complex organisations must appoint a single individual at board level to take responsibility for compliance with money laundering regulations. This individual must ensure that employees appointed are properly qualified and meet high standards of conduct. Such firms must also ensure they have an independent audit function able to assess compliance with MLR17.

Data protectionRelevant persons are required to retain CDD data for a specific period after a one-off transaction or after the end of an ongoing relationship (generally five years, and up to 10 years where required for legal proceedings, required by law or where consent for extended retention has been given). After this period, they have a duty to destroy personal data as defined under the Data Protection Act 1998.

Enhanced sanctions and penaltiesThere is a new criminal offence of recklessly making a false or misleading statement in relation to money laundering, which can lead to fines and up to two years’ imprisonment. MLR17 details the circumstances in which civil penalties can be imposed. Civil penalties include the removal of authorisation for regulated firms.

MLR17

28

In a nutshell The Criminal Finances Act 2017 (CFA17) targets corruption, money laundering and tax evasion. It is part of the government’s strategic approach to reducing financial crime and one of its main objectives is to recoup more financial assets. CFA17 builds on existing legislation to offer greater and more co-ordinated enforcement powers across various UK agencies and to provide additional measures to protect the public, including new corporate offences of failure to prevent the facilitation of tax evasion. It also improves reporting procedures, data sharing and facilitates the seizure of funds obtained through criminal means.

Criminal Finances Act 2017

Cross-financial services

EnactedUK

29

Core componentsEnhancements to the Suspicious Activity Reports (SARs) regimeCFA17 amends the Proceeds of Crime Act 2002 (POCA) to grant the National Crime Agency (NCA) a longer period to investigate potentially suspicious activities. The ‘moratorium’ (during which related accounts and funds are frozen) is extended from 31 days to a maximum of 186 days. The NCA can also request regulated persons or institutions to collaborate with an investigation as well as requiring any regulated person to provide additional information in relation to a SAR or an information request from another EU Financial Intelligence Unit.

Protection for enhanced information sharingRegulated entities (such as banks and other financial institutions) receive additional legal protections in relation to duties of confidentiality and data protection, designed to encourage them to share information with each other and with the NCA. Entities wishing to submit a joint disclosure report are now able to do so; this is known as a super SAR.

Unexplained wealth orders (UWOs)The NCA, the Financial Conduct Authority (FCA), the Serious Fraud Office (SFO) and Her Majesty’s Revenue and Customs (HMRC) have the power to apply to the High Court for UWOs. These orders require individuals to explain the origin of assets that appear disproportionate to their known, lawfully earned income. UWOs can be issued with interim asset freezing orders to prevent possible criminal proceeds from being removed from the country.

Enhanced powers for various agenciesA range of amendments to POCA and other related acts give the FCA, HMRC, the NCA, the SFO, the National Police and UK Visas and Immigration powers to investigate offences related to money laundering and terrorist financing. Additionally, the FCA and HMRC are granted civil recovery powers (the ability to recover property in cases where there has not been a conviction but it can be demonstrated that the property has been obtained through unlawful conduct).

CFA17

New corporate tax offences of failure to prevent the facilitation of tax evasionCFA17 introduces two new offences:• A domestic offence of failure to prevent the facilitation of UK tax

evasion, where criminal tax evasion by a third party has been facilitated by an associated person of the firm

• An equivalent foreign offence, where an associated person of the firm has facilitated an act by a third party, either in or outside the UK, and that act qualifies as criminal tax evasion in both the UK and the relevant foreign jurisdiction.

These new offences apply to companies, partnerships and limited liability partnerships, but not to individuals.

These new crimes are both strict liability offences: in the event facilitation of tax evasion has taken place, a firm is automatically guilty unless it can prove the statutory defence, which is that it had ‘reasonable’ prevention procedures in place. Penalties include criminal prosecution and potentially unlimited fines.

Firms must carry out regular documented assessments of their exposure to the risk of facilitating tax evasion. They must demonstrate that proportionate and ‘reasonable’ prevention procedures are in place.

30

In a nutshellThe revised Wire Transfer Regulation (WTR) (also known as the Regulation on information accompanying transfers of funds) was designed to improve the effectiveness of the existing WTR regime and to ensure that the EU framework is aligned with the Financial Action Task Force’s February 2012 anti-money laundering (AML) and counter-terrorist financing (CTF) standards. The revised WTR sets out the minimum requirements that are essential to ensure the traceability of transfers of funds; it also ensures commonality and consistency of requirements among Member States. The revised WTR came into effect on 25 June 2015 and has applied in Member States since 26 June 2017.

Revised Wire Transfer Regulation

Core componentsScopeThe revised WTR clarifies that fund transfers using a payment card, an electronic money instrument, a mobile phone or any similar prepaid or post-paid device with similar characteristics is subject to the provisions of the Regulation when used for a person-to-person transfer of funds.

Information on the payeeThe revised WTR introduces a new requirement on the payment service provider (PSP) of the payer to ensure that transfers of funds are accompanied by information on the payee.

Verifying the identity of the payeeThe revised WTR imposes a new requirement on the PSP of the payee to verify the accuracy of the information of the payee for transfers of funds of more than EUR 1,000.

Sanctioning powersThe revised WTR reinforces the sanctioning power of national competent authorities (NCAs). NCAs are required to co-operate and co-ordinate their actions when dealing with cross-border cases. In addition, NCAs are required to publish information about any administrative measures and sanctions imposed without undue delay.

Establishment of risk-based proceduresThe PSP of the payee and the intermediary PSPs are required to establish effective risk-based procedures to determine whether to execute, reject or suspend transfers of funds that lack the required payer or payee information.

Whistle-blowingMember States are required to establish effective mechanisms to encourage the reporting of WTR breaches to NCAs. PSPs are required to establish appropriate procedures for their employees to report breaches internally.

Data protectionThe Regulation clarifies the interaction between the requirements in the General Data Protection Regulation and AML and CTF requirements.


Enacted

31

In a nutshellThe Market Abuse Regulation (MAR) forms part of the Market Abuse Directive legislative package (MAD II), along with the Directive on Criminal Sanctions for Market Abuse, which the UK has opted out of. MAR is directly enforceable in the UK and replaces the previous Market Abuse Directive and its enacting legislation. MAR came into effect on 3 July 2016. MAD II was prompted by rapid technological and market developments, as well as by the LIBOR scandal. MAR widens the scope of market abuse, introduces a more standardised approach to disclosure and reporting, and increases the responsibilities of competent authorities (CAs) at a national level.

Market Abuse Regulation


Enacted

32

Core componentsScopeMAR now explicitly covers:• Multilateral trading facilities, organised trading

facilities and over-the-counter trading• Trading in allowances treated as financial

instruments by EU regulatory regimes, for example emissions and some commodities quotas governed by the Common Agricultural Policy

• Non-trading activity that may affect the price of regulated instruments, including the manipulation of benchmarks and derivatives trading that may have an impact on underlying securities or contracts

• Cross-border or cross-market abuse, including instances where spot contracts affect instruments on the derivatives market and vice versa

• Spreading misleading information, including via online channels

• Behaviour affecting regulated instruments that occurs outside of a trading venue, which must now be covered as part of any suspicious activity reporting regime.

Intent and timingMAR clarifies the importance of these concepts in identifying market abuse:• Trading occurring after a trader has received

inside information is de facto abusive use of that information, including amendments or cancellations to orders placed before the information was available

• Failed attempts at manipulation constitute market abuse, provided they meet the basic definition set out in the regulations.

Competent authoritiesMAR widens the role of CAs, although in practice they may delegate some aspects of supervision to local markets. CAs must:• Maintain lists of regulated instruments that have

applied or been accepted to trade on local markets• Run the disclosure regime for inside information,

including assessing requests to delay disclosure• Investigate market abuse (for which they are

given wider rights of access to premises and data, including previously recorded voice data), including co-operating with other EU or third-country CAs

• Enforce new minimum administrative sanctions in cases of market abuse

• Publish decisions in relation to investigations and sanctions to deter market abuse

• Provide the European Securities and Markets Authority (ESMA) with data on accepted practices, listed instruments and the progress of investigations and sanctions.

Disclosure and notifications• ESMA and the European Commission are given the

role of setting uniform technical standards for the format of disclosure notifications and other data to be shared at EU level

• Issuers have a duty to disclose, but can delay where there is a legitimate interest in doing so

• Persons discharging managerial responsibilities, and persons closely associated with them, must notify the issuer and the regulator of certain transactions in or related to any issuer’s financial instruments conducted on their own account

• These requirements are modified for some smaller entities.

ExemptionsMAR does not apply to activities carried out in pursuit of monetary, exchange rate or public debt management policy. Issuers, buy-back programmes and stabilisation measures may be exempt subject to certain conditions.

MAR

33

In a nutshellFirms holding client assets must be compliant with the FCA’s Principle 10 and the Client Assets (CASS) Sourcebook.

CASS continues to be a challenging area of regulatory focus, particularly as it permeates through firms’ governance, risk management and operational arrangements.

The CASS requirements apply across the industry:• For most firms undertaking investment business, the requirements are well

embedded following the implementation of new rules under the FCA’s Policy Statement 14/09

• Firms undertaking insurance intermediation have not had to contend with wholesale CASS changes after the FCA decided not to proceed with revised rules under Consultation Paper 12/20. However, recent enforcement activity will have served as a timely reminder of the FCA’s continued activity in this sector (eg around risk transfer arrangements and protection of client money)

• Certain consumer credit firms, having transitioned to FCA authorisation, have needed to design and build their CASS environment in order to ensure compliance with new CASS 11 requirements

• Peer-to-peer lenders must comply with CASS, and their systems have had to be designed to meet the CASS requirements, in particular CASS 7 reconciliations.

Client Assets Regime


Enacted

34

Core componentsFinancial Reporting Council (FRC) Assurance StandardFor periods commencing 1 January 2016 onwards, all CASS audits have been subject to greater rigour under the new FRC Assurance Standard:

• The Standard has raised the bar for firms to demonstrate CASS compliance to their auditors

• Firms have undertaken detailed mapping exercises to set out the processes, procedures and controls that are in place to mitigate and manage the risks associated with each applicable CASS rule

• The Standard has driven greater focus and transparency on CASS compliance and, consequently, indications are that the volume of breaches and adverse audit reports have increased under the new Assurance Standard

• Since the FCA receives all CASS audit reports, firms need to provide considered management responses and an action plan where there are significant, multiple or recurring failings.

CASS cultureA robust CASS control framework is underpinned by a strong CASS culture and this spans across all three lines of defence. Indicators of CASS culture are typically observable from the activities of the CASS committee, the knowledge and expertise of the CF10a (CASS operational oversight role) and firms’ approach to breach identification and resolution.

Outsourcing and oversightMany firms outsource operational functions concerned with CASS compliance to a third-party administrator (TPA). These firms must:• Demonstrate adequate oversight and control of their

TPAs• Maintain a sound understanding of the relevant CASS

processes and controls operated by the TPA.

Further regulatory risk stems from a high concentration of firms outsourcing their activities to a limited number of systemically important TPAs.

CASS

Markets in Financial Instruments Directive II (MiFID II)The impact of MiFID II to firms has generally been low to modest as many of the anticipated requirements had already been reflected in CASS, but it has nevertheless required analysis.

Senior Managers and Certification Regime (SM&CR)Consultation Paper 17/25 set out the FCA’s proposals for extending the SM&CR to all FCA firms. This includes the potential interaction of roles and responsibilities between the ‘CASS Prescribed Responsibility’ and the ‘CASS Oversight Function’ (in the Certification Regime). Firms, particularly larger organisations, may need to consider how these proposals affect their governance arrangements, including the allocation of CASS responsibilities.

Unbreakable depositsPolicy Statement 18/02 has amended CASS rules around unbreakable deposits (UDs). The rules enable firms to hold a proportion of client money in a UD longer than 30 days, subject to certain conditions.

Reinsurance firmsUnder the FCA’s Policy Statement 17/27, the CASS 5 rules were made mandatory for reinsurance distribution (effective 23 February 2018), reflecting the extended scope of the Insurance Distribution Directive.

35

Markets in Financial Instruments Directive II

In a nutshellThe Markets in Financial Instruments Directive II (MiFID II) and the Markets in Financial Instruments Regulation (MiFIR) repeal and recast the Markets in Financial Instruments Directive (MiFID). Together, MiFID II and MiFIR form the legal framework governing the requirements applicable to investment firms, trading venues, data reporting services providers and third-country firms providing investment services or activities in the EU. MiFID II and MiFIR became applicable on 3 January 2018.

Key dates

1 September 2018

Deadline for systematic internalisers to comply with the transparency regime


Enacted

36

Core components Trading facilitiesOne of the main objectives of MiFID II was to bring all organised trading on to one of three types of trading venues: multilateral trading facilities, organised trading facilities and regulated markets. They are all subject to the same pre-trade and post-trade transparency requirements and similar organisational and market conduct requirements.

High-frequency algorithmic tradingThe Directive introduces new safeguards for high-frequency algorithmic trading. Firms engaging in this type of activity must be properly supervised. This includes requirements to strengthen systems and controls.

New requirements for trading venuesThese requirements include: systems and controls, circuit breakers, trade transparency requirements and rules relating to minimum tick size. Additionally, trading venues must publish annual data on execution quality.

Transaction reportingThe scope of the transaction reporting requirement is extended to all financial instruments to ensure that the MiFID II requirements mirror those of the Market Abuse Directive. An additional new trading transparency regime is introduced for non-equity markets.

Consolidation of market dataInvestment firms are required to submit post-trade data to authorised reporting mechanisms, which report the details of transactions to regulators on behalf of the investment firm. This ensures that the data is published in a way that facilitates its consolidation with data published by the three types of trading venues.

Reinforced supervisory powersUnder the Directive supervisors have the power to ban specific products, services or practices where there are threats to investor protection, financial stability or the orderly functioning of the markets.

SanctionsThe Directive introduces minimum rules to ensure that Member States apply appropriate administrative sanctions and measures to breaches of the rules.

Commodity derivatives marketsThe rules introduce position limits for commodity derivatives and reporting obligations relating to the size and purpose of a commodity derivative contract. Regulators are able to monitor and intervene in trading activity in commodity derivatives where there are concerns about disorderly markets.

Conduct of business requirementsThe Directive introduces enhanced conduct of business requirements to provide additional protection to investors. These include: strict restrictions on independent advisers and portfolio managers, enhanced information disclosure to different categories of clients and limiting the circumstances when firms may provide execution-only services.

Third-country firmsMiFID II introduces harmonised rules for authorisation and conduct of business of EU branches and third-country firms. Non-EU firms wishing to provide investment services to retail clients must do so through a branch. Those firms are allowed direct access to eligible counterparties and professional clients (subject to European Securities and Markets Authority registration and European Commission third-country equivalence decision).

MiFID II

37

In a nutshellAs part of its work to create a personal pension framework, the European Commission adopted the regulation on a pan-European personal pension product (PEPP) on 29 June 2017. The regulation was published alongside a recommendation on the tax treatment of personal pension products (PPPs). The Commission considers that pension products, and personal pensions in particular, are key players in capital markets due to the role they have in linking long-term savers with long-term investment opportunities. The proposed regulation is part of the Commission’s wider work on the capital markets union (CMU). The main objective of this initiative is to strengthen the single market for personal pensions as a means for developing and diversifying the supply of funding to boost the flow of institutional and retail investment into capital markets. The Commission considers that an EU single market in pensions will contribute to the CMU by:• Enabling individuals to obtain access to simple, affordable and transparent PPPs• Creating better conditions to enable a larger number of providers to offer PPPs,

which will in turn increase choice• Encouraging more cross-border provision of PPPs to ensure consumers can

access them from providers located in other Member States• Enabling current personal pension providers to increase economies of scale by

accessing a larger retail market.

Regulation on a pan-European Personal Pension Product

Key dates

Q2 2019

PEPP regulation expected to come into force


Proposed

38

Core componentsAuthorisationThe European Insurance and Occupational Pensions Authority will be responsible for authorising PEPPs and maintaining a central register for PEPPs across the EU. National competent authorities (NCAs) will be responsible for the supervision of PEPP providers.

Cross-border provisionThe portability provision will allow PEPP savers that move to another Member State to continue paying into an existing PEPP originated within another Member State. This provision enables savers to keep all the advantages and incentives linked to continuous investment in the same PEPP.

Distribution and information requirementsPEPP providers are required to act honestly, fairly and professionally in accordance with the best interests of their customers. The proposed regulation sets out distribution and information requirements for PEPPs, including the pre-contractual information that must be provided in the form of a PEPP key information document. Depending on the nature of the PEPP provider or distributor, the distribution rules of the Markets in Financial Instruments Directive II or the Insurance Distribution Directive will apply. If neither of these directives applies, the distribution provisions set out in the PEPP regulation will apply to the PEPP.

Accumulation and decumulation phasesThe accumulation phase is the period during which assets are accumulated in a PEPP account, and it normally runs until the age of retirement. The decumulation phase is the period during which the assets accumulated are drawn upon to fund retirement. The proposed regulation sets out investment rules for PEPP providers. Providers must offer up to five investment options, including a default investment option that ensures that the PEPP saver recoups at least the capital invested. All options must be designed to ensure sufficient protection for PEPP savers. Most decumulation rules are to be determined by Member States, including: setting the retirement age, a minimum period of belonging to a PEPP scheme and a maximum period before reaching retirement age for joining a PEPP scheme.

Investor protectionThe proposed regulation contains various investor protection provisions, such as: the appointment of one or more depositaries for the safe-keeping of assets and oversight duties, complaints resolution procedures and out-of-court redress, as well as the option for providers to cover the risk of death and other biometric risks.

SwitchingThe PEPP regulation allows savers to switch between PEPP providers (once every five years) and introduces a cap on switching costs. However, it will only be possible to switch to another PEPP and not to another type of financial product. The information PEPP providers must provide about switching services is also detailed in the regulation.

SanctionsThe proposed regulation details the infringements of the provisions that can lead to penalties, how NCAs can impose them and how infringements and penalties are to be reported.

PEPP

39

In a nutshellThe General Data Protection Regulation (GDPR) was adopted in May 2016 and is directly applicable in all EU Member States without the need for transposition from 25 May 2018. The GDPR replaces the Data Protection Directive. The issuance of the Regulation is a direct consequence of new technological challenges; additionally, it aims to implement a harmonised framework for the protection of personal data. The Regulation applies to all organisations processing the personal data of individuals in the EU, regardless of where that organisation is based. The UK government has confirmed that the GDPR will apply in the UK after Brexit.

General Data Protection Regulation

Core componentsAccountability principleThe GDPR imposes new obligations on both data controllers and data processors to have documentary evidence of their processing activities.

Enhanced rights for individualsEnhanced rights for individuals include the right to object to certain types of profiling and automated decision-making. Organisations are obliged to publish detailed privacy notices, informing individuals of their data protection rights. The information they need to provide individuals includes: what personal data is being collected, the purpose, who they are going to share the data with and how long it will be retained for.

Stringent consent requirementsConsent must be explicit and freely given for a specific purpose (it must also be easy to retract).

Data protection officers (DPOs)Many organisations will be required to appoint a DPO.

Breach reportingSignificant data breaches must be reported to UK regulators within 72 hours of becoming aware.

Data protection impact assessmentsOrganisations must formally identify emerging privacy risks, particularly those associated with new projects. In addition, organisations must integrate data protection into new business processes and systems.

FinesNon-compliance with the GDPR can result in fines of up to EUR 20 million or 4 per cent of the organisation’s global turnover, whichever is higher.

Data Protection Act (DPA)The government has published a DPA to supplement the GDPR. The Act received royal assent on 23 May 2018. The Act:• Addresses the elements of the GDPR where

national law may elaborate on the relevant provisions

• Addresses data processing in law enforcement and the intelligence services

• Incorporates the GDPR into UK law to ensure that on leaving the EU, the UK is able to satisfy the European Commission that the UK legislative framework is equivalent to that of the EU.


Enacted

40

In a nutshellThe Securities Financing Transactions Regulation (SFTR) requires all securities financing transactions (SFTs) to be reported to trade repositories (TRs) as part of EU efforts to increase the transparency and safety of the financial system in the wake of the 2008 crisis. It follows on from the establishment of the European Systemic Risk Board, and focuses particularly on the control of excess leverage risks in the ‘shadow banking’ sector. To make the interconnectedness of collateralisation arrangements more obvious, the SFTR introduces additional reporting requirements for investment managers and the need for risk disclosures to, and written consent from, the providing party before assets are rehypothecated (ie used as collateral for transactions other than the one they were first provided for). The SFTR came into force in January 2016, with reporting requirements expected to take effect from 2019. UK enactment is supported by a statutory instrument in force from July 2016, which identifies the Financial Conduct Authority and the Bank of England as the national competent authorities for the SFTR. The Regulation requires:• TRs to be registered with the European Securities and Markets Authority (ESMA),

which may grant non-EU TRs equivalence• Detailed reporting by Undertakings for Collective Investment in Transferable

Securities (UCITS) management companies, UCITS investment companies and alternative investment fund managers (AIFMs) to TRs on SFT activity

• Risk disclosure and written consent before counterparties may reuse or rehypothecate assets

• Sharing of TR data with ESMA.

Securities Financing Transactions Regulation

2020

ESMA to publish annual report on aggregate SFT volumes by type of counterparty and transaction

The European Commission to submit a report to the European Parliament and Council on the effectiveness, efficiency and proportionality of the obligations under SFTR

2021

The European Commission to submit a report to the European Parliament and Council on the application of supervisory fees

Key dates

2019

ESMA to report to the European Parliament, Council and the Commission on the efficiency of the SFTR reporting obligation


Enacted

41

Core componentsSecurities financing transactionsSFTs are defined as any transactions that use assets belonging to one counterparty to generate financing means. This includes lending or borrowing securities and commodities, repurchase or reverse purchase transactions and buy/sell back transactions. The definition excludes derivative contracts as narrowly defined by EU regulations, but includes liquidity swaps and collateral swaps.

ScopeThe scope of the SFTR is broad. It applies to all SFT counterparties based in the EU or involving the EU branch of a counterparty; UCITS management companies and UCITS investment companies; managers of alternative investment funds; and any counterparty, financial or non-financial, engaging in rehypothecation, where EU-based or involving an EU branch of the counterparty in question. The SFTR does not apply to members of the European System of Central Banks, EU public bodies charged with or intervening in the management of public debt or the Bank of International Settlements.

ReportingSFT counterparties must report details of the transaction to approved TRs. This information is stored centrally and is accessible directly by relevant authorities in order to identify and monitor financial stability risks. When TRs are unavailable, counterparties can report SFT details to ESMA, as an alternative. Counterparties must keep record of any SFTs they have concluded, modified or terminated for at least five years following the termination of the transaction.

Investor transparencyFund managers must provide pre-contractual and periodic information to investors to make them aware of the risks associated with the use of SFTs and total return swaps.

RehypothecationBefore a counterparty gains the right to rehypothecate collateral, the following conditions must be met:• The providing counterparty must inform the

receiving counterparty in writing of the risks that may be involved in granting consent, which must be expressly given

• Reuse must be undertaken in accordance with the terms specified in the collateral arrangement

• Collateral must be credited to the receiving counterparty’s securities account before its reuse.

Sanctions and competent authoritiesMember States must set appropriate administrative sanctions and measures for breaches of the SFTR, which will be administered by a clearly identified competent authority. The minimum suggested sanctions include withdrawal of authorisation, public warnings, dismissal of management, restitution of profits gained from breaches of the Regulation and administrative fines.

ESMA retains the right to appoint investigative officers and to impose its own sanctions in the case of breaches, using its powers under existing regulation on over-the-counter derivatives, central counterparties and trade repositories.

SFTR

42

In a nutshellThe Senior Managers and Certification Regime (SM&CR) and Senior Insurance Managers Regime (SIMR) are regulatory frameworks that apply to individuals working for dual-regulated firms. The SM&CR replaced the Approved Persons Regime for individuals working for banks, building societies, credit unions, Prudential Regulation Authority (PRA) designated firms and branches of foreign banks operating in the UK. Individuals working for insurers are covered by the SIMR.

The regime came into force on 7 March 2016 for relevant firms and, while the Financial Conduct Authority (FCA) is still to confirm exact dates, we expect it to be extended to all firms regulated or authorised under the Financial Services and Markets Authority from late 2018. The regime comprises three primary elements: the Senior Management Functions (SMFs), Certification and the Conduct Rules.

Senior Managers and Certification Regime

10 December 2019

Extension of the SM&CR for other authorised businesses comes into force

Key dates

10 December 2018

Extension of the SM&CR for insurers comes into force


Enacted

43

Core componentsSenior Management Function holdersThe regime applies to individuals performing a senior manager function on behalf of a relevant firm in the UK or overseas:• Senior Management Functions: the regime sets

out 17 SMFs that relevant firms must assign to individual senior managers (it covers functions such as the Chief Finance function and the Chief Executive function). Individuals holding SMFs must be pre-approved by the regulators

• Allocation of prescribed responsibilities: individuals holding SMFs are allocated prescribed responsibilities. The FCA and the PRA have identified 30 prescribed responsibilities that must be allocated to the senior manager to which the responsibility is most closely linked

• Overall responsibility: firms must identify any individuals that have overall responsibility for an activity, function or area of the business

• Management responsibilities map: relevant firms must record the allocation of SMFs and prescribed responsibilities in a firm’s management responsibilities map. The firm must ensure that all SMFs are covered and that there are no accountability gaps. The map must be shared with the regulators

• Duty of responsibility: under the duty of responsibility, the FCA and the PRA can take action against a senior manager if its firm contravenes a regulatory requirement and the senior manager does not take steps that a person in its position could reasonably be expected to take in order to prevent the contravention from occurring. The burden of proof lies with the regulators

• Statement of responsibility: senior managers must have a statement of responsibilities recording the SMFs that have been allocated to them, as well as their prescribed responsibilities. The statement of responsibilities must be resubmitted when there is a significant change in the senior manager’s area of responsibility

• Criminal offence: a criminal offence was established on 7 March 2016 for those senior managers that cause a financial institution to fail.

CertificationThe regime applies to individuals, working for regulated firms, who pose a risk of significant harm to the firm or any of its customers. Individuals within the scope of the regime do not need to be pre-approved by the PRA or the FCA; instead, they must be certified by the relevant firm as being fit and proper. The fitness and propriety assessment must be undertaken prior to the appointment for the role and, subsequently, certified by the firm on an annual basis.

Conduct RulesThe Conduct Rules are high-level principles that reflect the core standards that the regulators expect of employees that work in relevant firms. These rules replace the existing Statements of Principle and Code of Practice for Approved Persons and are set out in the Code of Conduct sourcebook. Specific Conduct Rules apply to senior managers, while broader Conduct Rules apply to senior managers, non-executive directors, certified individuals and all employees working for FCA-regulated firms (other than ancillary staff).

SM&CR

44

In a nutshellThe European Market Infrastructure Regulation (EMIR) is an EU regulation of over-the-counter (OTC) derivatives, central counterparties (CCPs) and trade repositories (TRs). The Regulation seeks to improve the management of counterparty credit risk and increase trade transparency within the derivatives market. EMIR was brought into force in response to systemic weaknesses exposed following the default of Lehman Brothers, near-collapse of Bear Stearns and the events surrounding AIG in 2008. The interconnectedness of OTC derivative participants and the default, or fear of default, led to liquidity problems, compounded by a lack of transparency of positions and exposures to both regulators and market participants. EMIR came into force in 2012; however, some requirements, such as Level 2 provisions relating to clearing and risk mitigation, have not taken effect yet.

European Market Infrastructure Regulation

21 December 2018

Clearing obligation for Category 4 counterparties applies for OTC Interest Rate Swaps in G4 currencies

31 December 2018

Variation margin requirements apply to physically settled FX forward contracts

9 May 2019

Clearing obligation for Category 4 counterparties applies for certain OTC Credit Default Swaps based on an index

21 June 2019

Clearing obligation for Category 3 counterparties applies for OTC Interest Rate Swaps in G4 currencies, certain OTC Credit Default Swaps based on an index and OTC Interest Rate Swaps in additional currencies

1 September 2019

IM requirements apply with IM Notional Amount Threshold of EUR 0.75 trillion

9 October 2019

Clearing obligation for Category 4 counterparties applies for OTC Interest Rate Swaps in additional currencies

Key dates

1 September 2018

Initial margin (IM) requirements apply with IM Notional Amount Threshold of EUR 1.5 trillion


Enacted

45

Core componentsScopeEMIR applies to counterparties to derivative trades, CCPs and TRs. EU central banks and other public bodies are exempted. The applicability of EMIR depends on whether the counterparty is a financial counterparty or a non-financial counterparty. The clearing obligations of non-financial counterparties are dependent on whether their OTC derivatives trading volumes are over the relevant clearing threshold.

Covered productsUncleared OTC derivatives contracts, as defined in the Markets in Financial Instruments Directive II, are subject to clearing and risk mitigation requirements under EMIR. The clearing requirements apply only to those contracts that have been identified as suitable for central clearing as defined by regulatory technical standards.

The clearing obligationEligible OTC derivatives need to be cleared through CCPs.

Risk mitigation techniquesWhen an OTC derivatives transaction is not centrally cleared, alternative risk mitigation rules apply. These rules impose requirements relating to trade confirmations, robust reconciliation processes, daily mark-to-market of trades, exchange of margin and capital requirements.

Reporting obligationThe reporting obligation was introduced to ensure information of the inherent risks in derivatives markets will be centrally stored by TRs and be easily accessible to the European Securities and Markets Authority (ESMA), other relevant regulators and central banks.

Regulation of central counterpartiesEMIR defines the authorisation process for CCPs established in the EU providing CCP clearing services. The process is complex and involves a number of regulatory authorities; however, once authorisation is granted, it is effective for the entire EU. EMIR contains an extensive list of organisational requirements, conduct of business rules and prudential requirements for CCPs.

Regulation of trade repositoriesA TR is a legal person that centrally collects and maintains the records of derivatives. TRs must be registered with ESMA; once they have obtained registration as a trade repository, the registration is effective for the EU.

Third-country central counterpartiesThe European Commission has determined a number of non-EU countries to be classified as ‘third countries’, who hold equivalent regulatory regimes for CCPs as the EU. CCPs in these non-EU countries will be able to obtain recognition in the EU while they remain subject solely to the Regulation and supervision of their home regulators.

UK implementation of the European Market Infrastructure RegulationEMIR is directly applicable in the UK and, as such, minimal national legislation was required to implement the Regulation.

EMIR

46

In a nutshellThe Capital Requirements Directive IV (CRD IV) is a package of prudential reforms for credit institutions and investment firms. Its main objective was to implement the reforms introduced by Basel III in the EU, as well as introducing EU-specific reforms, such as the single rulebook, remuneration and corporate governance reforms, sanctions and reliance on external ratings. CRD IV recast and replaced the Capital Requirements Directive (CRD) with a new directive and regulation: CRD IV and the Capital Requirements Regulation (CRR). Both CRR and CRD IV have been applicable since 2014 (with the exception of certain provisions). However, in November 2016, the European Commission published proposals for the extensive revision of both sets of rules.

Capital Requirements Directive IV

Key dates

1 January 2019

Application date of the Securitisation Regulation and the CRR Amendment Regulation


Enacted

47

Core componentsImplementation of Basel III-related reforms• Quantity and quality of capital: CRD IV

increased minimum ratios for common equity and tier 1 capital to 4.5 per cent and 6 per cent, respectively. Additionally, it refined the criteria for components to be recognised as regulatory capital and strengthened the definition of common equity

• Capital buffers: CRD IV introduced the capital conservation buffer (formed of 2.5 per cent of risk-weighted assets and common equity) and the countercyclical capital buffer (consists of common equity and increases the capital conservation buffer)

• Counterparty credit risk: the Directive strengthens the capital requirements for counterparty credit risk exposures arising from banks’ derivatives, repo and security finance activity

• Liquidity requirements: CRD IV introduces two new liquidity ratios: the liquidity coverage ratio (LCR) and the net stable funding ratio (NSFR). The LCR measures whether firms hold an adequate level of unencumbered, high-quality liquid assets to meet net cash outflows under a stress scenario lasting for 30 days. The NSFR measures the amount of stable funding available to a firm against the required amount of stable funding.

EU-specific reforms• Single rulebook: CRD IV introduced a single

set of harmonised prudential rules for banks and investment firms. Most national discretions permitted by CRD were removed

• Remuneration: the Directive imposes a 1:1 ratio on bankers’ salaries relative to variable pay. Firms must also disclose the number of individuals with remuneration over a certain threshold

• Corporate governance measures: measures were introduced to strengthen corporate governance. They relate to the composition of boards and their role determining the risk oversight and strategy

• Sanctions: Member States must apply appropriate administrative sanctions and measures to any violations of EU banking legislation. The Directive contains minimum standards for issues such as level of fines and the publication of sanctions.

Proposed reformsIn November 2016, the European Commission introduced proposals for the revision of CRD IV and CRR. These reforms included the introduction of the so-called Basel IV measures to EU law, the implementation of the total loss-absorbing capacity standard promulgated by the Financial Stability Board and revisions intended to improve lending to small and medium-sized enterprises. Following the proposals, EU authorities decided to fast-track amendments to CRR relating to the implementation of IFRS 9. These amendments have now been set out in a separate regulation. The Commission’s proposals are currently being considered by the Council of the EU and the European Parliament.

CRD IV

48

In a nutshellThe Capital Requirements Regulation II (CRR II) and the Capital Requirements Directive V (CRD V) are legislative proposals adopted by the European Commission that will significantly amend the Capital Requirements Regulation (CRR) and the Capital Requirements Directive IV (CRD IV). They represent the first major set of amendments made to these legislative acts since they came into force in 2014. The amendments to be made by CRR II and CRD V have two main causes:• Reflect international standards: CRR II contains reforms to implement the prudential standards set

by the Basel Committee on Banking Supervision (BCBS) following on from the Basel III standards agreed in December 2010. It also contains provisions implementing the Financial Stability Board’s (FSB’s) total loss-absorbing capacity (TLAC) standard

• Implement EU-specific reforms: CRR II and CRD V contain reforms that reflect the Commission’s review of the impact of CRD IV on banks’ financing of the EU economy. The EU authorities decided to fast-track the amendments to CRR relating to the implementation of IFRS 9. These amendments were originally included in the legislative proposal for CRR II but they were finally set out in a separate regulation: the IFRS 9 Regulation. A number of reforms set out in CRR II and CRD V reflect the outcome of reviews conducted by the Commission.

The Commission published its legislative proposals for CRR II and CRD V in November 2016 and these are currently being reviewed by the Council of the EU and the European Parliament. The Commission’s intention is for CRR II to apply two years after the date of its entry into force, except for the TLAC provisions, which will apply from 1 January 2019. In October 2017, the Commission called for the European Parliament and the Council of the EU to reach political agreement on CRR II and CRD V by mid-2018 at the latest.

Capital Requirements Regulation II and Capital Requirements Directive V

Q1 2019

Possible date for the formal adoption of CRR II and CRD V

Q4 2020

Possible transposition deadline for CRD V

Key dates

Q4 2018

End of trialogues on CRR II and CRD V


Proposed

49

Core componentsLeverage ratioThe leverage ratio is the ratio of tier 1 capital to total non-weighted assets and off-balance sheet exposures. CRR II introduces a binding leverage ratio requirement for all firms subject to the Regulation. It imposes a minimum leverage ratio requirement of 3 per cent of tier 1 capital that firms must meet, in addition to their risk-based requirements.

Net stable funding ratio (NSFR)NSFR is the amount of stable funding available to a bank (available stable funding or ASF) relative to the required amount of stable funding (RSF). The ASF must exceed the RSF on an ongoing basis. CRR II introduces a binding NSFR that requires credit institutions and systemic investment firms to finance their long-term activities with stable sources of funding.

Total loss-absorbing capacityTLAC for global systemically important banks was introduced by the FSB. The purpose of TLAC is similar to the EU’s minimum requirement for own funds and eligible liabilities (MREL) introduced by the Bank Recovery and Resolution Directive. CRR II introduces a minimum harmonised MREL for systemically important institutions to reflect the TLAC standard.

Market riskMarket risk is the risk of losses arising from movement in market prices. In 2016, the BCBS published revised standards for minimum capital requirements for market risk. CRR II introduces significant amendments to the CRR provisions on own funds requirements that implement the BCBS revised standards.

Counterparty credit risk (CCR)CCR is the risk to a firm that a counterparty to a transaction may not perform its contractual obligations before the transaction’s cash flows are settled. In 2014, the BCBS published a standardised approach (SA-CCR) for the calculation of the exposures value of derivatives contracts. CRR II will amend CRR to introduce the SA-CCR.

Exposures to central counterparties (CCPs)In 2014, the BCBS published a framework for exposures to CCPs (BCBS 282). This framework introduced preferential capital treatment for trade exposures to qualifying CCPs. CRR II will amend CRR and the European Market Infrastructure Regulation to implement BCBS 282.

CRR II & CRD V

50

“Banks have made important progress in the implementation of the post-financial crisis regulatory framework, particularly reinforcement of prudential buffers. The next 18 months present the perfect opportunity to refocus on operational, digital and cost-oriented transformation to optimise strained operating models and, in turn, simplify the manner in which such firms conduct their business.”

Alex EllertonPartner - Advisory T +44 (0)20 7184 4627 E [email protected]

BankingBanking: Key regulatory developments 52

Bank Recovery and Resolution Directive 53

Bank Recovery and Resolution Directive II 55

Mortgage Credit Directive 57

Payment Accounts Directive 59

Revised Directive on Payment Services in the Internal Market 61

International Financial Reporting Standards 9 63

Benchmarks Regulation 64

Central Securities Depository Regulation 66

5151

Banks have made immense progress in the implementation of the post-financial crisis regulatory framework. As a result, they have healthier capital reserves and stable liquidity levels, as well as improved governance and control frameworks. Despite the undisputed progress, the 2018 agenda highlights that there is more to do. This year has begun with numerous important implementation deadlines: banks have had to comply with MiFID II, PSD2, IFRS 9 and the Benchmarks Regulation. While many banks are looking ahead, contemplating operational, digital and cost-orientated transformation, regulatory change will remain high on the list of priorities. As banks finalise the execution of their ring-fencing schemes and adapt to the Open Banking era, they must remain attentive to the latest developments in the implementation of the Basel package. Inevitably, Brexit negotiations and the consequences they could have on their operations will be another area of ongoing concern.

Basel III implementationOn 7 December 2017, the Basel Committee on Banking Supervision announced that the Basel Committee’s oversight body (the Group of Central Bank Governors and Heads of Supervision) had endorsed the outstanding Basel III post-crisis regulatory reforms. The Group approved a risk-weighted asset floor of 72.5 per cent. A gradual implementation, over a nine-year period, was agreed. Nevertheless, implementation in the EU is yet to be agreed as negotiations continue on new CRD V and CRR II packages. An agreement on the new regulation and directive are not expected until the end of 2018; this will affect the implementation timeline and push back the deployment of certain elements such as the net stable funding ratio and the Fundamental Review of the Trading Book.

EU legislators have proposed important discounts for capital requirements. The disjointed application of the Basel standards will particularly affect banks operating across multiple jurisdictions and is likely to increase implementation costs. Additionally, this year, banks have the added task of embedding IFRS 9 models that affect capital adequacy assessments and stress testing.

Impact of Brexit on the banking sectorBanks considering reorganising their operations as a result of Brexit will need to take into consideration how the new structure will affect their resolvability and their relationship with resolution authorities. UK and European regulators have already issued statements on the possibility of requiring banks from third countries to establish subsidiaries overseen by the home supervisor. The approach adopted will, of course, depend on the final withdrawal agreement and on whether the EU considers the UK regulatory regime as equivalent.

Ring-fencing, the moment of truthUK banks have been working on their post-ring-fencing structures for years and, as the implementation deadline approaches, it will be interesting to see how the different structural models adopted by in scope institutions affect their operating models and revenues. While it is expected that the retail operations will be reinforced by the measures, the effects of this uniquely British initiative on the revenues of banks’ wholesale counterparts remain uncertain.

Banking: Key regulatory developments

The impact of Open BankingIn addition to prudential, structural and resolvability challenges, banks will have to adapt to the changes introduced by PSD2. Under the Directive, banking institutions must share customer transaction data with third-party providers once they have obtained customer consent. While this will allow non-traditional competitors to compete for the direct customer relationships, banks could seize this opportunity to leverage customer insights and provide truly customer-centric products and services.

52

In a nutshellThe Bank Recovery and Resolution Directive (BRRD) established a recovery and resolution framework for EU credit institutions and investment firms. BRRD is a direct response to weaknesses identified in the bank resolution process during the financial crisis. The aim of the Directive is to equip national authorities with harmonised tools and powers to address crises at banks and certain investment firms at the earliest opportunity.

BRRD entered into force in 2014 (apart from Article 124, which came into force on 1 January 2015). In November 2016, the European Commission announced the BRRD II package of reforms.

Bank Recovery and Resolution Directive

29 December 2018

Deadline for Member States to implement Insolvency Hierarchy Directive

Key dates

1 June 2018

Deadline for the European Commission report on the implementation of BRRD

EU BankingEnacted

53

Core componentsRecovery plansFirms are required to produce and maintain recovery plans to prepare for possible financial difficulties and to restore their viability in a timely manner in times of financial distress. Recovery plans should consider a range of scenarios of severe macroeconomic and financial stress. Recovery plans must be updated annually (or when there are material changes that could require an update of the plan) and submitted to competent authorities for assessment.

Resolution plansA resolution plan sets out how a firm may be resolved in an orderly fashion; this includes the application of resolution tools and powers, as well as options for ensuring the continuity of critical functions. Resolution plans should be updated annually or after any changes that could have a material effect or require a change of the resolution plan.

Resolution toolsThe main resolution tools BRRD provides are:• The sale of business tool• The bridge institution tool• The asset separation tool• The bail-in tool.

Resolution authorities are able to apply resolution tools individually or using different combinations. However, the asset separation tool can only be used with another resolution tool. When applying the resolution tools and exercising resolution powers, resolution authorities must:• Ensure the continuity of critical funds• Avoid significant adverse effects on financial

stability• Protect public funds by minimising reliance

on extraordinary public financial support• Avoid unnecessary destruction of value and

seek to minimise the cost of resolution• Protect depositors, clients’ funds and clients’

assets.

Early supervisory interventionThe Directive gives powers to the authorities to take early action in addressing the potential failure of a firm. These powers include, but are not limited to, dismissing the management and appointing a temporary administrator, convening a meeting of shareholders to adopt urgent reforms or requiring that the bank draws up a plan for the restructuring of debt with its creditors.

Co-operation and co-ordinationBRRD provides a framework to improve co-operation between national authorities. This enables national authorities to better co-ordinate resolution measures in case a cross-border banking group fails.

BRRD

54

In a nutshell The Bank Recovery and Resolution Directive II (BRRD II) refers to the reforms proposed by the European Commission in November 2016 to implement the Financial Stability Board’s total loss- absorbing capacity (TLAC) standard in the EU. The Commission will implement TLAC by adapting its existing regime relating to the minimum requirement for own funds and eligible liabilities (MREL). Additional TLAC implementations will be achieved through amendments to the Capital Requirements Regulation

(CRR) and the Regulation for the Single Resolution Mechanism (SRM).

Trialogues have commenced on BRRD II, and they are expected to conclude at the end of 2018. The UK government has stated that the formal adoption of the package is likely to occur before the UK leaves the EU.

Bank Recovery and Resolution Directive II

June 2018

Planned start of trialogues for BRRD II

Q4 2018

Possible date for the conclusion of trialogues on BRRD II

Q1 2019

Possible date for the formal adoption of BRRD II

Key dates

EU BankingProposed

55

Related reforms: SRM II RegulationUnder the SRM, a single resolution process applies to all banks established in EU Member States participating in the Single Supervisory Mechanism. The SRM Regulation gives the Single Resolution Board resolution powers equal to those available for national resolution authorities under BRRD. The SRM II Regulation contains revisions to the SRM Regulation that reflect the amendments to the MREL regime proposed in the BRRD II.

Core components New regime for minimum requirement for own funds and eligible liabilitiesBRRD II proposals contain extensive revisions to the existing MREL requirements in the BRRD. The key aspects of the new MREL regime are:• BRRD II introduces the concepts of ‘resolution

entities’ and ‘resolution groups’, which derive from the terms used in the TLAC standard. A resolution entity is an EU entity identified by a resolution authority as an entity that should act as a source of loss-absorbing and recapitalisation capacity for its material subsidiaries or subgroups

• Calculation of MREL: the measurement metrics for MREL will be aligned with the external TLAC requirement for Global Systemically Important Institutions (G-SIIs), as set out in CRR

• When a resolution authority considers that the TLAC minimum requirement is not sufficient to absorb losses and recapitalise a G-SII, it has the power to impose an additional institution-specific requirement for own funds and eligible liabilities

• MREL guidance: resolution authorities will be able to provide guidance that will require entities to have own funds and eligible liabilities in excess of the minimum MREL requirements to cover potential additional losses or to ensure that sufficient market confidence in the entity is sustained

• Internal MREL: BRRD II introduces the concept of internal MREL. Internal MREL instruments are designed to be written down or converted to equity to recapitalise the entity that issues them without the need to use resolution powers on the entity.

Framework for recovery and resolution of central counterparties (CCPs)In November 2016, the Commission published a legislative proposal for a regulation covering the recovery and resolution of CCPs. The Commission will use BRRD II to reflect the CCP Recovery and Resolution Regulation in BRRD.

Other BRRD II reforms • Contractual recognition of bail-in: BRRD II

will amend the current regime to specify when the contractual recognition of bail-in does not apply

• Moratorium tool: BRRD gives early intervention powers to competent authorities to take action to proactively address problems in firms before they escalate. BRRD II provides an additional moratorium power allowing competent authorities to suspend an entity payment or delivery obligations.

BRRD II

56

In a nutshellThe Mortgage Credit Directive (MCD) is a minimum harmonisation directive designed to minimise irresponsible lending and borrowing practices. In summary, the Directive introduces requirements to cover: the assessment of affordability, the provision of advice, disclosure and staff training. It is also intended to create a more efficient and competitive single market for mortgages. The MCD entered into force on 21 March 2014, and Member States were required to implement the Directive by 21 March 2016. The MCD is closely aligned with existing UK mortgage regulation; therefore, its transposition did not result in significant changes to the UK mortgage market.

Mortgage Credit Directive

21 September 2018

Transitional arrangements for second charge sellers end

21 March 2019

• Deadline for staff to meet MCD knowledge and competency requirements

• Firms to provide European Standardised Information Sheet

Key dates

1 September 2018

Deadline for HM Treasury to review the MCD

EU BankingEnacted

57

Core componentsScopeThe MCD applies to credit agreements that are secured by a mortgage or other rights related to residential immovable property. While the Directive focuses on residential rather than commercial property, Member States can decide to extend the scope to small and medium-sized enterprises. The Directive covers both first and second charge loans.

Financial educationThe MCD requires Member States to support consumers’ education in relation to responsible borrowing and debt management. The European Commission is obliged to publish an assessment of the financial education available to consumers in Member States and identify best practices.

General informationThe MCD requires that Member States provide clear and comprehensible general information about credit agreements on paper, another durable medium or in electronic form.

Advertising and marketingThe Directive states that communications concerning credit agreements must be clear, fair and not misleading. In particular, it prohibits wording that could create false expectations for consumers regarding the availability or cost of credit. The standard information to be included in advertising is legally set.

Tying practicesThe Directive prohibits tying practices (offering credit agreements in a package with other financial products where the credit product is not available to the customer separately) unless the creditor can demonstrate that the tied products result in clear benefits to the consumers.

Creditworthiness and suitability assessmentCreditors are required to assess consumers’ ability to repay the credit. The assessment must take into account consumers’ personal circumstances and must be based on appropriate information that has been verified.

Pre-contractual informationCreditors and credit intermediaries must make certain information available to consumers at the pre-contractual stage, before the consumer is bound by any credit agreement or offer. This information includes information of the proposed credit arrangements, details of the calculation of the annual percentage rate of charge and other personalised consumer information based on the European Standardised Information Sheet.

AdviceThe creditor or credit intermediary must make clear to the borrower whether or not advice is being provided. The Directive also imposes conditions on the use of the term ‘independent advice’ or ‘independent advisor’ by creditors or credit intermediaries providing advisory services.

Early repaymentThe Directive allows consumers to repay their credit before the expiry of the credit agreement. The specific conditions on this right are set up by the Member States.

Rates changesCreditors must inform consumers of any changes in the borrowing rate before the change takes effect. As a minimum, the information must state the amount of the payments to be made after the new borrowing rate takes effect.

Arrears and foreclosureMembers States must encourage creditors to exercise reasonable forbearance before foreclosure proceedings are initiated.

Regulation of credit intermediariesThe Directive will establish principles for the authorisation, registration and supervision of credit intermediaries and for the establishment of a passport regime.

Regulation of non-credit institutions providing mortgage creditMember States must ensure that non-credit institutions are subject to adequate authorisation, registration and supervision.

MCD

58

In a nutshellThe Payments Account Directive (PAD) aims to improve the transparency and comparability of fee information for payment accounts, assist customers in switching payment accounts and ensure every EU resident has access to a basic bank account. Member States had to implement PAD by September 2016.

Payment Accounts Directive

Key dates

31 October 2018

Payment service providers will have to provide consumers with pre-contractual fee information document

18 September 2019

The Commission must review PAD and submit a report to the European Parliament and the Council of the EU

18 September 2018

Member States to provide the Commission with evaluation information under Article 27 of PAD

EU BankingEnacted

59

Core componentsScopeThe provisions on comparability of fees and account switching apply to all payment service providers (PSPs); the provisions on access to payment accounts with basic features only apply to credit institutions.

Transparency and comparability • Standard documentation and terminology: PAD

standardises the most relevant fee terminology at Member State and EU level. PSPs must provide consumers with a fee information document containing a list of the most representative services and the corresponding fee for each service

• Price comparison websites: Member States must ensure that consumers have access (free of charge) to at least one website that compares fees charged by PSPs for at least the most representative services at national level. Websites must be independent and ensure payment providers are given equal treatment

• Unbundling information on packaged accounts: when a PSP offers a payment account as part of a package, it must inform the customer on whether the payment account can be purchased separately. If so, it must provide the customer with information on the cost of the other products and services when purchased separately.

Account switching • Switching: PAD establishes a harmonised system for

account switching. Member States must ensure that PSPs offer a switching service to consumers that open or hold a payment account. The switching service must be initiated by the receiving PSP at the consumer’s request

• Facilitation of cross-border account opening: where consumers inform their PSP of their desire to open an account with a provider established in a different Member State, their PSP must take particular steps to facilitate the opening of the account

• Information requirements: PSPs must provide consumers with the following information about the switching service: roles of the transferring and receiving entities, timeframe for completion, fees, any additional information required by the consumer and any alternative dispute resolution procedures available.

Access to basic bank accountsOne of PAD’s objectives is to ensure that all consumers legally resident in the EU have access to payment accounts with basic features. This includes consumers with no fixed address, asylum seekers and consumers who are not granted a residence permit.• Non-discrimination: Member States must ensure that

credit institutions do not discriminate against consumers legally resident in the EU due to their nationality, place of residence, race, age, sexual orientation or disability when applying for a payment account within the EU

• General information on payment accounts: Member States must raise public awareness about the availability of payment accounts.

PAD

60

In a nutshellThe Revised Directive on Payment Services in the Internal Market, commonly referred to as PSD2, came into force on 12 January 2016. Member States were required to transpose PSD2 into law by 13 January 2018. In 2012, the European Commission decided to modernise the existing Payment Services Directive (PSD) to ensure it included new types of payment services. The main objectives of PSD2 are to: encourage lower prices for payments, protect consumers, make payments safer, improve the level playing field for new providers and contribute to a more integrated and efficient European payments market.

Revised Directive on Payment Services in the Internal Market

Key dates

13 October 2018

Deadline for firms applying for re-registration to submit a complete application to continue operating on or after 13 January 2019

13 January 2019

Deadline for firms operating under the limited network exclusion to notify the FCA

Q4 2019

European Banking Authority regulatory technical standards on strong customer authentication and communication and security measures will apply

13 January 2021

Deadline for the Commission to submit report on the application and impact of PSD2

EU BankingEnacted

61

Core componentsScopePSD2 extends both the geographical scope of PSD and the number of currencies covered. The conduct and transparency provisions of PSD2 apply to ‘one-leg’ transactions (payments to and from third countries where one of the payment service providers (PSPs) is located in the EU). The Directive also applies to transactions in non-EU currencies that have at least one leg in the EU. A number of exclusions that were available under PSD have either been limited or deleted in PSD2. The Commission considered that the exclusions had been applied beyond their original scope and in an inconsistent manner across Member States.

ExclusionsBusinesses carrying certain activities are excluded from PSD2. The three key exclusions are:• Providers of electronic communication networks

or services providing certain goods and services (digital content, voice-based services, electronic tickets or donations to charity)

• Payment services used within a limited network of service providers for a very limited range of goods or services (gift cards, fuel cards or shopping centre cards)

• Transactions where a payment intermediary is acting on behalf of one side of the transaction to negotiate or conclude the sale or purchase of goods or services.

New payment servicesPSD2 introduces two new regulated payment services: • Payment initiation services: this is defined as a

service to initiate a payment order at the request of the payment service user (PSU) with respect to a payment account held at another PSP

• Account information services: this is defined as an online service to provide consolidated information on one or more payment accounts held by the PSU.

Conduct of business requirementsPSD2 sets enhanced conduct of business requirements, including:• Rules on how to deal with complaints relating to

payment services• Rules on how payments should be carried out,

including refunds and who is responsible if there is a problem

• Rules on how to deal with unauthorised and incorrect payments

• A ban on hidden charges for paying with a debit or credit card (both online and in shops).

Open BankingPSD2 provides the basis for ‘open banking’. Open Banking is a series of reforms to how banks deal with customers’ financial information. It is being implemented by the nine largest banks in the UK and aims to enable businesses to give more accurate personal financial guidance that is tailored to customers’ circumstances and delivered securely.

Enhanced consumer protection and securityThe new operational and security risks requirements of PSD2 include:• Reporting major security incidents (ie unplanned

events that have or could have a harmful impact on businesses’ payment services)

• Applying strong customer authentication to electronic payments initiated by a customer to help protect the customer from fraud.

PSD2

62

In a nutshellInternational Financial Reporting Standards (IFRS 9) replaces International Accounting Standard (IAS) 39. The new standard rewrites the accounting rules for financial instruments. It introduces a new approach for asset classification, a more forward-looking expected loss model and new requirements on hedge accounting. IFRS 9 is effective for annual periods beginning after 1 January 2018 with early application permitted. Entities with predominantly insurance-related activities have the option of delaying the implementation until 2021.

Core componentsClassification and measurement of financial instrumentsIFRS 9 introduces a single principle-based approach whereby the classification and measurement of financial instruments is based on the nature of the cash flows and the business model in which an asset is held. The balance sheet components are now categorised as Amortised Cost, Fair Value through Trading and Fair Value through Other Comprehensive Income.

ImpairmentA new expected loss impairment model has been introduced. It requires the timely recognition of expected credit losses based on forward projections of transaction performance combined with an estimate of future economic drivers. Entities must account for expected credit losses when financial instruments are first recognised. These provisions are calculated based on whether the credit asset is any one of 3 stages. Stage 1 represents those credit assets that are still performing, they receive a 12 month expected loss provision. Stage 2 represents those credit assets that have experienced a significant increase in credit risk, these receive lifetime expected loss provisions. Finally, Stage 3 credit assets are those that have experienced objective evidence of impairment, these also receive a lifetime expected credit loss provision.

Hedge accountingIFRS 9 introduces a substantially reformed model for hedge accounting with enhanced disclosures about risk management activity. The new model more closely aligns accounting treatment with risk management activities, enabling entities to better reflect the financial impact activities in their financial statements.

International Financial Reporting Standards 9

EU BankingEnacted

6363

In a nutshellGlobal concerns about the integrity of benchmarks and investigative and enforcement action by regulators concerning the manipulation of benchmarks led the European Commission to introduce a common framework across Member States. The main objective of the Benchmarks Regulation (BMR) is to restore consumer confidence in the accuracy, robustness and integrity of indices used as benchmarks in financial instruments and financial contracts. The BMR aim is to ensure that benchmarks are not subject to conflicts of interest, are used appropriately and reflect the actual market or economic reality they intend to measure. The Regulation became applicable on 1 January 2018 with the exception of certain provisions that have applied from 30 June 2016.

Benchmarks Regulation

1 May 2020

End of transitional period

Key dates

EU BankingEnacted

64

Core components ScopeThe BMR has a wide scope: it covers all indices used in the EU as the basis for financial instruments or certain financial contracts as well as indices used to measure the performance of an investment fund.

Benchmark administratorsBenchmark administrators must apply for authorisation to provide a benchmark, establish and maintain robust governance arrangements and oversight functions. Additionally, they must have control and accountability frameworks and adopt a code of conduct for each benchmark. To become authorised or registered, benchmark administrators must apply to their national competent authority. In the UK, firms that were not previously regulated have had to apply for Financial Conduct Authority authorisation.

Benchmark contributorsBenchmark contributors do not need to be authorised or regulated, as contributing to a benchmark is a voluntary activity. If contributors were required to alter their business model significantly, they could cease to contribute. However, they must also follow rules on governance and controls.

Benchmark usersSupervised entities that use a benchmark will only be allowed to use benchmarks provided by an authorised or registered administrator in the EU. In the case of third countries, benchmark users will be able to use a benchmark if the third-country administrator has been recognised.

Use of third-country benchmarksThe BMR provides three methods under which administrators located in third countries can become benchmarks that can be used by an EU supervised entity:• Equivalence: the Commission can adopt

an equivalence decision to include administrators located in a third country on the public register of administrators and benchmarks maintained by the European Securities and Markets Authority. To adopt its decision, the Commission will consider whether the legal framework and supervisory practice of a third country ensures compliance with the benchmark principles of the International Organization of Securities Commissions.

• Recognition: before an equivalence decision is adopted by the Commission, a benchmark provided by an administrator located in a third country can be used by supervised entities in the EU as long as the administrator obtains prior recognition by the competent authority of its Member State of reference in accordance with the requirements and procedure set up in the Regulation.

• Endorsement: certain entities or administrators can apply to the relevant competent authority to endorse a benchmark or a family of benchmarks provided in a third country for their use in the EU when certain conditions are fulfilled. The endorsing administrator must be able to demonstrate that the provision of the benchmark fulfils requirements that are at least as stringent as the requirements of the BMR.

BMR

65

In a nutshellThe main objective of the Central Securities Depository Regulation (CSDR) is to ensure that transactions between buyers and sellers of securities are settled in a safe and timely manner by introducing securities settlement standards across the EU. To achieve its objective, the Regulation harmonises the timing and conduct of securities settlements in the EU and the rules governing central securities depositories (CSDs). The CSDR came into force on 17 September 2014. Its provisions are legally binding in all Member States without transposition into national law, unless otherwise specified.

Central Securities Depository Regulation

EU BankingEnacted

66

Core componentsScopeThe CSDR is divided into two parts. It applies to all market operators in the context of securities settlement and to CSDs. It imposes licensing, conduct of business and prudential requirements on CSDs. There are certain exemptions: members of the European System of Central Banks and other national or public bodies performing similar services are exempt from certain provisions of the Regulation, such as provisions relating to authorisation and supervision.

Securities settlementThe key objective of the CSDR is to improve the safety of settlement. The Regulation contains three sets of measures to achieve this objective:• Securities must be in electronic book-entry form:

book entry is a way of recording ownership of securities where no certificate is given to investors

• Settlement periods for securities transactions must be harmonised: participants must settle their purchase or sale obligation on the intended settlement date (no later than the second business day after the trade takes place)

• Improved settlement discipline: CSDs are required to prevent settlement fails by monitoring and facilitating transactions. Market participants that fail to deliver their securities on the agreed settlement date are subject to penalties and to buy-in procedures that require the defaulting participant to buy the securities in the market and deliver them to the relevant counterparty.

Authorisation and supervisionCSDs must be authorised and supervised by the competent authority of the Member State in which it was established. Regulators must review the arrangements, strategies, processes and mechanisms implemented by the CSD on an annual basis, at least. The responsible regulator must also evaluate the risks to which the CSD may be exposed.

Operational riskCSDs must identify all potential sources of operational risk and minimise their impact. Firms must inform the regulator and relevant authorities without delay of any operational incidents resulting from the risks identified.

Legal riskCSDs must have rules, procedures and contracts that are clear and understandable and can be enforced in all relevant jurisdictions.

Investment riskCSDs must hold their financial assets at central banks or authorised credit institutions. They may only invest in cash or highly liquid financial instruments with minimal market or credit risk.

Capital requirementsCSDs must have sufficient capital at all times to adequately protect against operational, legal and investment risks, and to ensure the orderly wind-down or restructuring of the CSDs’ activities over a period span of at least six months under a range of stress scenarios.

SanctionsThe CSDR introduces a minimum set of administrative sanctions and measures available to regulators, including public statements on the infringement, order requiring the cessation of conduct, withdrawal of authorisation, temporary or permanent bans and administrative fines.

CSDR

67

“The intensity of the regulatory agenda has not hindered rapid growth in the asset management sector. However, the sheer growth of assets under management has inevitably attracted the attention of policymakers and we expect that investment and fund management activities will be covered under the ‘systemically important’ umbrella in the near future.”

David MorreyPartner – Advisory T +44 (0)20 7865 2657 E [email protected]

Asset managementAsset management: Key regulatory developments 69

European Long-term Investment Funds Regulation 71

Money Market Funds Regulation 73

Alternative Investment Fund Managers Directive 75

EU prudential framework for investment firms 77

Regulation on key information documents for PRIIPs 79

European Social Entrepreneurship Funds Regulation and European Venture Capital Funds Regulation 81

Undertakings for Collective Investment in Transferable Securities Directive V 83

Undertakings for Collective Investment in Transferable Securities Directive VI 85

Cross-border distribution of collective investment funds 87

68

Despite the general belief that we are at the end of the era of post-financial crisis regulatory implementation, asset managers have a hectic year ahead on the regulatory front. After years of intense preparation, MiFID II finally came into force on 3 January 2018. However, MiFID II was only the first hurdle for the industry. By the close of 2018, asset managers will have implemented new product disclosure rules (PRIIP KID), extensive data protection requirements (GDPR) and new rules for money market funds (MMF Regulation). Additionally, all the European initiatives implemented over the last decade contain review clauses that will apply in the next three years; the AIFMD review is first on the list and a series of reforms will undoubtedly follow. This panorama, coupled with the raft of existing regulatory proposals, makes for choppy waters ahead for the industry.

The intensity of the regulatory agenda has not hindered rapid growth in the asset management sector: over GBP 8 trillion of assets are currently managed in the UK, which is nearly GBP 1 trillion more than a year ago. Indeed, the UK’s asset management industry is the largest in Europe and the second largest in the world. Nevertheless, while opportunity and growth look to continue, there are notable threats on the horizon.

The impact of Brexit on delegation activityAs exemplified by the focus of the FCA’s latest Business Plan, the prospective impacts of the UK’s withdrawal from the EU are far-reaching and pose an array of challenges. From the perspective of asset management firms, one of the primary threats lies with the EU’s interpretation of ‘delegation activity’.

Delegation arrangements allow funds to be marketed and sold in one country while the management of funds occurs in a different location. The European Commission wants to give the European Securities and Markets Authority increased powers over the funds industry. If this occurs, it will be for European authorities to determine whether delegation rights continue to apply or whether firms have to increase their physical presence in the EU to continue servicing their EU customer base. If the EU adopts a protectionist approach, and it seems Paris is interested in a slice of the GBP 8 trillion cake, the days of listing a fund in Dublin or Luxembourg for tax purposes while managing the portfolio from inside the UK could be over.

Asset management: Key regulatory developments

69

The restriction of delegation rights will not only impact London but also other major fund management centres such as New York and Hong Kong. While the FCA considers that capping delegation arrangements will impact a well-established practice underpinned by strong standards and regulatory co-operation, the outcome depends on the results of the ongoing bilateral negotiations. We believe that the threat posed is very real; the restriction of delegation rights will likely result in higher costs and therefore less favourable investment outcomes for customers.

Systemic risk regulationThe sheer growth of assets under management since the end of the global financial crisis has attracted regulators’ attention. Now that the post-crisis reform of the banking sector is well under way, regulators have turned towards other areas of potential vulnerability. Over the last 18 months, the European Central Bank, the Financial Stability Board and the International Organization of Securities Commissions have issued statements that indicate that investment and fund management activities will be covered under the ‘systemically important’ umbrella. As a result, we expect that asset managers will have to establish stress-testing plans and demonstrate they are monitoring their leverage adequately. Additionally, appropriate liquidity management will be necessary.

Investor protectionSome of the rules asset managers must comply with this year, such as MiFID II and the PRIIPs Regulation, have a clear emphasis on investor protection. Additionally, the FCA has issued new rules following the publication of its asset management market study in the UK. The main purpose of these measures is to increase transparency and market competition. These new requirements will undoubtedly affect fund managers’ returns. We believe that the most innovative firms will invest in product innovation and greater automation in order to reduce cost and comply with regulatory demands.

70

In a nutshell The European Long-term Investment Funds (ELTIFs) Regulation is a pan-European regime for alternative investment funds (AIFs) that channel the capital they raise towards European long-term investment in the real economy. This Regulation was enacted as a result of the regulatory fragmentation that challenged investors wishing to gain exposure to long-term assets. The Regulation has applied since December 2015.

By 9 June 2019, the European Commission is required to commence a review of the ELTIFs Regulation. The review will focus on the impact of redemption policies, the impact on asset diversification and the extent to which ELTIFs are marketed in Europe. The Commission will also consider whether the list of eligible assets and investments should be updated. It must be noted that the current proposals for reforming the European System of Financial Supervision contain amendments to the ELTIF Regulation. Under the proposals, the European Securities and Markets Authority (ESMA) will be given direct supervisory powers over prospectuses and harmonised collective investment funds.

European Long-term Investment Funds Regulation

9 June 2019

The Commission to review ELTIFs Regulation

Key dates

2018

ESMA to submit final draft Regulatory Technical Standard on cost disclosure information to the European Commission

EU Asset management

Enacted

71

Core componentsWhat is an ELTIF?To qualify as an ELTIF, an investment fund must:• Invest at least 70 per cent of its funds in

prescribed types of assets, including unlisted or small companies needing long-term capital, real assets that need long-term capital to develop and funds regulated under the European Venture Capital Funds Regulation and the European Social Entrepreneurship Funds Regulation

• Strictly limit the use of derivatives and leverage

• Be closed-ended: this means that investors are not able to redeem their investment during a specified period of time.

ELTIF designationThe Regulation sets out the criteria that determine whether a fund may be classified as an ELTIF. An ELTIF eligible fund must:• Be managed by an alternative investment

fund manager that is authorised under the Alternative Investment Fund Managers Directive (AIFMD)

• Be authorised by a regulator as an alternative investment fund in a EU Member State

• Comply with prescribed rules on investment policies, redemption, transparency and marketing.

The European Securities and Markets Authority (ESMA) maintains a public register with all authorised ELTIFs, their managers and their home state regulator.

Authorisation processTo be authorised, an ELTIF must apply for authorisation to the home Member State regulator of the fund. An application must include: the fund rules or instruments of incorporation, identity information of the proposed manager and its current and past fund management experience, identity information of the depositary and a description of the information to be made available to investors.

Investment policies and diversification requirementsIn addition to the 70 per cent investment in eligible investment assets, an ELTIF must diversify the remaining 30 per cent of investments.

Investment restrictionsAn ELTIF is restricted from engaging in short-selling, direct or indirect exposure to commodities; entering into securities lending agreements, securities borrowing agreements and repurchase agreements; and using financial derivative instruments. An ELTIF may not invest in an eligible investment asset in which the manager of the ELTIF has or takes a direct or indirect interest.

Redemption, trading and distribution of incomeInvestors in an ELTIF are not permitted to request a redemption of their units or shares before the ‘end of life’ of the ELTIF. The end of date should be clearly indicated in a fund’s rules or instruments of incorporation, and must be disclosed to investors. The Regulation contains provisions for the trading of units or shares of an ELTIF on regulated markets, as well as the free transfer of units or shares to third parties.

Transparency requirementsELTIFs can be marketed to both professional and retail investors. As a result, the ELTIFs Regulation contains detailed transparency requirements to allow prospective investors to make an informed judgement and to be fully aware of the investment risks involved.

Passporting regimeThe manager of an ELTIF can market a fund into host Member States if it has followed the notification process in Article 32 of the AIFMD.

ELTIFs

72

In a nutshellThe Money Market Funds Regulation (MMF Regulation) establishes a framework of requirements to enhance the liquidity and stability of money market funds (MMFs). During the global financial crisis it became apparent that specific features of MMFs make them vulnerable when there are difficulties in financial markets. There were particular concerns about MMFs spreading or amplifying risks throughout the financial system.

The MMF Regulation entered into force on 20 July 2017 and will apply from 21 July 2018. Its main objectives are to:

• Preserve the integrity and stability of the internal market• Make MMFs more resilient and limit contagion channels• Ensure MMFs are able to honour redemption requests from investors or a large

group of investors (particularly under stressed market conditions)• Provide for the equal treatment of investors• Support the smooth operation of the short-term funding market for financial

institutions.

Money Market Funds Regulation

November 2019

Managers to send their first quarterly reports to national competent authorities

Key dates

21 January 2019

Existing MMFs to start to comply with the Regulation

EU Asset management

Enacted

73

Core componentsScopeThe MMF Regulation applies to collective investment undertakings that meet the following criteria:• It requires authorisation as an Undertakings for Collective

Investment in Transferable Securities (UCITS), or is authorised as a UCITS, under the UCITS Directive or is an alternative investment fund (AIF) under the Alternative Investment Fund Managers Directive (AIFMD)

• It invests in short-term assets (financial assets with a residual maturity of not more than two years)

• It has distinct or cumulative objectives offering returns in line with money market rates.

Authorisation processWhere a fund is authorised as a UCITS or an AIF, it needs to submit prescribed documentation to its competent authority to become authorised as an MMF. Authorisation is valid across all EU Member States. The European Securities and Markets Authority is obliged to keep a central public register of all MMFs.

Investment policiesMMFs can only invest in money market instruments, securitisations, deposits with credit institutions, financial derivatives instruments, repurchase agreements, reverse repurchase agreements and units or shares of other MMFs. An MMF is not allowed to:• Invest in assets other than the ones referred above• Take direct or indirect exposure to equities or commodities• Enter into securities lending agreements or securities

borrowing agreements• Short sell money market instruments, securitisations and

units or shares of other MMFs.

DiversificationThe MMF Regulation contains detailed rules on the diversification of eligible investment assets that each MMF must follow.

ConcentrationFor prudential reasons, and to prevent excessive significant influence over the management of an issuing body, MMFs must avoid excessive concentration in investments issued by the same issuing body.

Credit quality of money market instrumentsMMFs have a responsibility to invest in high-quality eligible assets. The manager of an MMF needs to implement and consistently apply a prudent internal credit quality assessment procedure to determine the credit quality of the money market instruments and securitisations in which a fund invests.

Risk managementThe Regulation contains portfolio rules for short-term and standard MMFs. MMFs are prevented from soliciting or financing an external credit rating. MMF managers must establish, implement and apply know-your-client policies and have stress test processes in place.

ValuationThe assets of an MMF need to be valued on a daily basis using a mark-to-market valuation (when possible).

TransparencyThe MMF Regulation contains provisions regarding the specific information that MMFs are required to include in marketing material. In addition to the reporting requirements of the UCITS Directive and the AIFMD, the MMF Regulation sets out the information that managers must report to their regulators.

MMF Regulation

74

In a nutshellThe Alternative Investment Fund Managers Directive (AIFMD) introduced regulation and supervision of all alternative investment fund managers (AIFMs) and borrowed largely from the Undertakings for Collective Investment in Transferable Securities (UCITS) regulation. The AIFMD intended to address the imbalance between the level of regulation and investor protection afforded to those investing in UCITS and those investing in alternative investment funds (AIFs). The regulation applied certain standards and diligence to the AIFM (including where they have delegated functions) for the protection of fund investors.

Member States were required to implement the AIFMD by 22 July 2013. As required by Article 69 of the Directive, the European Commission started to review the application and the scope of the AIFMD in 2017. The Commission is required to analyse the experience acquired in applying the AIFMD; its impact on investors, AIFs in the EU and in third countries; and the degree to which the AIFMD’s objectives have been achieved.

Alternative Investment Fund Managers Directive

EU Asset management

Enacted

75

Core componentsScopeThe AIFMD applies to the following managers:• EU AIFMs who manage EU or non-EU AIFs• Non-EU AIFMs who manage EU AIFs• Non-EU AIFMs who market their AIFs in the EU.

AuthorisationAn EU AIFM must be authorised in the Member State in which it has its registered office. Once eligible for authorisation under the AIFMD, a non-EU AIFM must be regulated in its Member State of reference (ie that is the country where the AIFM intends to develop effective marketing).

Minimum capital requirements AIFMs are required to:• Have a minimum amount of initial capital. This

amount is EUR 300,000 for internally managed AIFs and EUR 125,000 for AIFMs managing external AIFs

• Maintain qualifying professional indemnity insurance or additional own funds

• Invest own funds in liquid assets or assets readily convertible to cash.

Marketing provisionsThe marketing provisions in the AIFMD differentiate between retail and professional investors. The definition of professional investor is adopted from MiFID II. Firms are not able to treat a prospective investor as professional solely on the ground of the investor’s knowledge, experience and ability to understand the risks involved; prescriptive quantitative tests must be met. Each Member State can decide if it permits marketing of all or certain types of EU or non-EU AIFs to retail investors. There is no passport for marketing to retail investors.

Depositary rulesAn AIFM must appoint a single depositary in respect of each AIF it manages. The depositary can either be an EU credit institution, an EU investment company or a UCITS depositary. The depositary is required to provide oversight, asset verification, safe-keeping and cashflow monitoring duties. It also has a liability to replace assets lost in safe-keeping (with some limited carve-outs) and is liable for negligence and improper performance in its other duties.

Remuneration rulesThe AIFMD requires an AIFM to establish remuneration policies and practices for certain senior members of staff. These practices are designed to promote sound and effective risk management and ensure risk-taking is consistent with the risk profile and the rules of AIFs. An AIFM applying for authorisation must disclose details of its remuneration policies and practices to its regulator.

Valuation provisionsAIFMs are required to have appropriate and consistent procedures for independent valuation of the AIF assets. The net asset value per share or unit must be calculated and disclosed to investors. Valuations must be performed at least once a year by an independent external valuer.

Liquidity rulesAll AIFs (except unleveraged closed-ended AIFs) must have an appropriate liquidity management system and adopt appropriate liquidity management procedures to ensure that the liquidity profile of the AIF’s investment portfolio is aligned with the AIF’s underlying obligations. AIFs must conduct regular stress tests against both normal and exceptional liquidity conditions

PassportAn AIFM authorised in one Member State can provide management services to an AIF established in another Member State by using a passport. The AIFM must notify its own regulator of its intention to manage EU AIFs in another Member State.

AIMFD

76

In a nutshellThe European Commission has proposed a regulation and a directive establishing a new framework for prudential requirements for investment firms: the Investment Firms Regulation (IFR) and the Investment Firms Directive (IFD). Currently, investment firms that are authorised under the Markets in Financial Instruments Directive II (MiFID II) are subject to prudential requirements set out in the Capital Requirements Regulation (CRR) and the Capital Requirements Directive IV (CRD IV). The Commission intends to use the IFR and the IFD to establish a new prudential framework for these firms. This means that certain systemically important firms will be reclassified as credit institutions and subject to the prudential requirements set out in CRR and CRD IV. All other investment firms will be subject to the new prudential framework and therefore subject to revised remuneration and governance standards set out in the IFD. Additionally, a new methodology will apply for investment firms to determine how their Pillar 1 regulatory capital requirements are calculated.

The purpose of the proposed framework is to simplify the prudential classification of investment firms and establish a single, harmonised approach by reducing the complexity of the existing system.

The Commission published its legislative proposals for the IFR and the IFD in December 2017. The Council of the EU and the European Parliament are considering these.

EU prudential framework for investment firms

Key dates

2018

The European Parliament and the Council of the EU will consider the legislative proposals for the IFR and the IFD

EU Asset management

Proposed

77

Core componentsClassification of investment firmsThe Commission proposes to divide investment firms currently authorised under MiFID II into three categories:• Systemically important firms (Class 1 firms): these

are firms with total assets over EUR 30 billion in value that carry out the Markets in Financial Instruments Directive (MiFID) activities of dealing on own account or underwriting of financial instruments. These firms will be reclassified as credit institutions and, therefore, subject to the prudential requirements set out in CRR and CRD IV

• Investment firms (Class 2 firms): these are non-systemic investment firms that are not defined as small and non-interconnected investment firms. The vast majority of MiFID firms are expected to qualify as Class 2 firms

• Small and non-interconnected investment firms: these are very small firms with non-interconnected services.

K-factorsK-factors are indicators representing the risks that an investment firm can pose to customers, to market access or to liquidity. Investment firms will be required to calculate their capital requirements using the K-factors. These will be also used to determine whether an investment firm should be classified as a small, non-interconnected firm.

New prudential framework for investment firmsThe new prudential framework for investment firms is set out in the IFR; however, requirements on initial capital and Pillar 2 requirements are set out in the IFD:• Initial capital requirements for investment firms will be:

– EUR 750,000 for investment firms authorised to provide one or more of the following MiFID services: dealing on own account, underwriting of financial instruments, operating a multilateral trading facility and operating an organised trading facility

– EUR 75,000 for investment firms not permitted to hold money or securities belonging to their clients and are authorised to provide one or more of the following MiFID services: receiving and transmitting orders, executing orders on behalf of clients, portfolio management and investment advice

– EUR 150,000 for all other firms• Pillar 2 requirements: the IFD contains provisions

on Pillar 2 requirements based on existing requirements in CRD IV

• Remuneration and governance: the provisions on remuneration and governance contained in the IFD do not apply to small and non-interconnected firms. The key proposed changes are:

– The removal of a specific limit for the ratio between variable and fixed component of variable remuneration

– The introduction of the exemption for small and non-interconnected firms

– The introduction of the exemption from the variable remuneration requirement concerning deferral and pay-out in instruments.

New prudential regime for systemically important firmsThe IFR and the IFD amend CRR and CRD IV to ensure that firms currently authorised under MiFID II that are of systemic importance will become credit institutions. As a result, firms reclassified as credit institutions based in Member States in the Single Supervisory Mechanism (SSM) will be within the scope of the SSM and the prudential supervision of the European Central Bank.

IFR & IFD

78

In a nutshellThe Regulation on key information documents (KIDs) for packaged retail and insurance-based investment products (PRIIPs) introduces a pan-European pre-contractual disclosure document for retail consumers that are considering buying a wide range of investment products referred to as PRIIPs. Its purpose is to enable retail investors to compare products and make a more informed investment choice. The PRIIPs Regulation entered into force on 29 December 2014 and its requirements became applicable in Member States on 1 January 2018. The European Commission must carry out a review of the Regulation by 31 December 2018.

Regulation on key information documents for PRIIPs

Q1 2019

FCA to publish feedback statement on its call for input on initial experience with the requirements of PRIIPs Regulation

31 December 2019

End of transitional period for UCITS

Key dates

28 September 2018

Deadline for responses to the FCA call for input on initial experience with the requirements of PRIIPs Regulation

EU Asset management

Enacted

79

Core components ScopeA PRIIP can be one or both of the following:• A PRIIP: an investment where, regardless

of its legal form, the amount repayable to the retail investor is subject to variations due to exposure to reference values or to the performance of one or more assets not directly purchased by the retail investor

• An insurance-based investment product: an insurance product that offers a maturity or surrender value that is wholly or partially exposed, directly or indirectly, to market fluctuations.

PRIIPs should include investment products such as investment funds, life insurance policies with an investment element, structured investment products, structured deposits and financial instruments issued by special purpose vehicles that meet the definition of PRIIPs.

Responsibility for producing the KIDThe PRIIP manufacturer is responsible for producing the KID in accordance with the requirements of the PRIIPs Regulation. To ensure the KID is widely available it must be published on the manufacturers’ websites.

Form and content of the KIDThe Regulation applies the principles of the Undertakings for Collective Investment in Transferable Securities (UCITS) key investor information document across all retail investment products that are PRIIPs. According to the Regulation, a KID must:• Be accurate, fair, clear and not misleading• Provide key information and be consistent

with any binding contractual documents• Be clearly separate from marketing materials

and not contain cross-references to marketing material.

Responsibility for providing the KID to investorsThe person advising on or selling the PRIIP must provide the KID to retail investors in good time before investors are bound by a contract. To be effective, the KID must be provided before an investment decision is taken. The Regulation also sets out requirements on the media that can be used for providing the KID to retail investors.

Complaints and redressThe PRIIP manufacturer and any person advising or selling the PRIIP must establish procedures to ensure that complaints can be submitted, that these complaints can be effectively addressed and that redress procedures are available in the event of cross-border disputes.

Treatment of Undertakings for Collective Investment in Transferable SecuritiesUCITS management companies and investment companies are exempt from the PRIIPs Regulation obligations until 31 December 2019.

PRIIPs Regulation

UK implementation of PRIIPs RegulationThe PRIIPs Regulation is directly applicable and firms in the UK have needed to be compliant since 1 January 2018. The FCA has made changes to the FCA Handbook to reflect the introduction of the PRIIPs Regulation. These changes include: direct references to the EU sources as well as the deletion and disapplication of amendments of certain provisions that were either superseded or incompatible with the PRIIPs Regulation. Additionally, given the lack of clarity on certain aspects of the Regulation, the FCA has issued comments on the scope of the Regulation to ensure firms are able to comply with the new disclosure framework.

80

In a nutshellThe European Venture Capital Funds (EuVECA) Regulation and the European Social Entrepreneurship Funds (EuSEF) Regulation provide a common EU framework for managers of EuVECA and EuSEF that are registered with the competent authorities, so that they can benefit from the EU passport to manage and market funds in the EU with the specific EuSEF and EuVECA labels.

The EuSEF Regulation applies to managers of alternative investment funds (AIFs) that meet the following conditions:• Their assets under management do not exceed EUR 500 million• They are established in the EU• They are subject to registration in their home state in accordance with the Alternative Investment

Fund Managers Directive (AIFMD) • They manage portfolios of qualifying EuSEF.

The EuVECA Regulation applies to managers of AIFs that meet the following conditions:• Their assets under management do not exceed EUR 500 million• They are established in the EU• They are subject to registration in their home state in accordance with the AIFMD• They manage portfolios of qualifying venture capital funds.

European Social Entrepreneurship Funds Regulation and European Venture Capital Funds Regulation

EU Asset management

Enacted

81

EuSEF & EuVECA

Current status While the EuSEF Regulation and the EuVECA Regulation were not due for review until 2017, the European Commission decided to bring the date of its review forward after identifying that only a small number of funds set up as EuVECA and EuSEF had been launched, although the regulations have applied since 2013. Following the publication of the Capital Markets Union action plan and of a consultation paper issued in 2015, the text of the regulation amending the EuVECA Regulation and EuSEF Regulation was published in November 2017. The new regulation applies from 1 March 2018 and the key changes are:• It widens the range of managers eligible to set up and manage EuVECA

and EuSEF to include those with assets under management of more than EUR 500 million

• It widens the range of firms EuVECA can invest in to include unlisted companies with up to 499 employees

• It broadens the definition of enterprises that EuSEF can invest in to include ‘services and goods generating social return’

• It gives the European Securities and Markets Authority an oversight role to ensure that funds are consistently registered and supervised.

The Commission is concerned that various factors are restricting the cross-border activity of investment funds and has issued a legislative proposal for a directive on cross-border distribution of collective investment funds and a legislative proposal for a regulation on facilitating cross-border distribution of collective investment funds. The Council of the EU and the European Parliament will consider these proposals during 2018. The Commission expects these proposals to be adopted before the European Parliament elections in May 2019.

82

In a nutshellUndertakings for Collective Investment in Transferable Securities (UCITS) are investment funds that have been established under UCITS legislation that allow funds registered in one EU country to be freely marketed across the EU. The objective of UCITS V was to introduce reforms in order to align how Member States regulate these funds and to bring UCITS legislation in line with the Alternative Investment Fund Managers Directive. UCITS V requires funds to appoint a depositary function, sets out new requirements for manager remuneration and seeks to address previous inconsistencies across Member States on sanctions. The Directive came into force on 17 September 2014 and Member States were required to transpose it into national law by 18 March 2016.

Undertakings for Collective Investment in Transferable Securities Directive V

EU Asset management

Enacted

83

Core componentsDepositary eligibilityThe appointment of a depositary needs to be supported by a written contract charging the depositary with the safe-keeping, oversight and cash-flow monitoring duties. A depositary must be a national bank, a credit institution authorised in accordance with the Capital Requirements Directive IV or another authorised legal entity subject to capital adequacy requirements.

Depositaries’ delegation of dutiesDepositaries can only delegate the safe-keeping function. When delegating this function, the depositary must demonstrate there is an ‘objective reason’ for the delegation and exercise due diligence in the selection and appointment of the third party. The UCITS fund assets must be segregated so in the event of default of the depositary or its delegate, UCITS funds are not available to be distributed to creditors.

Depositary liabilityA depositary is liable for losses of any financial instrument held in custody. If found liable, the depositary is required to return a financial instrument of identical type or the corresponding amount without undue delay. The depositary will not be held liable if it can prove that the loss has arisen as a result of an external event beyond its reasonable control.

RemunerationFund managers must establish remuneration policies and practices that are consistent with sound risk management and discourage disproportionate risk-taking. The policies apply to those members of staff whose professional activities have a material impact on the risk profiles of the management companies or of the UCITS they manage. A remuneration policy must cover fixed and variable components of salaries as well as discretionary pension benefits.

SanctionsThe aim of UCITS V was to achieve minimum harmonisation of UCITS sanctioning regimes by requiring: • A minimum catalogue of administrative sanctions and

measures• A minimum list of sanctioning criteria• The establishment of whistle-blowing mechanisms by

competent authorities and UCITS managers.

The sanctions regime applies to breaches of the main investor protection safeguards in UCITS IV.

UCITS V

84

In a nutshellIn July 2012, the European Commission held a consultation on potential areas of reform of the Undertakings for Collective Investment in Transferable Securities (UCITS) regime. It is a comprehensive review of the operational function of UCITS funds; therefore it is wide-ranging. The consultation followed on from international work on shadow banking co-ordinated by the Financial Stability Board, which identified areas of investment funds that required close scrutiny. The Commission’s consultation did not contain any indication of a possible timetable.

Undertakings for Collective Investment in Transferable Securities Directive VI

EU Asset management

Proposed

85

UCITS VI

Core componentsEligible assets and use of derivativesUCITS funds are required to invest in instruments that are sufficiently liquid. The Commission proposed to evaluate the current practices of UCITS portfolio management and assess specific fund investment policies.

Efficient portfolio management (EPM) techniques The UCITS Directive empowers Member States to authorise UCITS to employ certain techniques and instruments for the purposes of EPM. Most respondents to the Commission’s consultation were in favour of increasing the level of transparency and consolidating current best practices in the industry.

Over-the-counter (OTC) derivativesThe Commission’s consultation focuses on the appropriate assessment of counterparty risk for OTC derivatives for UCITS.

Extraordinary liquidity management rulesThe UCITS Directive requires UCITS to redeem units on request by investors. UCITS can suspend this obligation in exceptional circumstances; the meaning of ‘exceptional circumstances’ was interpreted differently by various Member States. The Commission considered whether a common framework to deal with ‘liquidity bottlenecks’ should be developed.

Depositary passportThere has been an ongoing debate as to whether UCITS should be limited to using the services of depositaries located in the same Member State as the UCITS itself. The Commission considered whether depositaries should be given a European passport.

Money market funds (MMFs)The Commission wanted to determine whether there was a need for an EU harmonised regulatory framework for MMFs that was necessary to prevent investor runs and systemic risks. Since the consultation, the Money Market Funds Regulation (MMF Regulation) has entered into force. The MMF Regulation introduces a framework to enhance the liquidity and stability of MMFs.

Long-term investmentThe consultation contained a section on how to foster a culture of long-term investment in Europe. It suggested that long-term investment funds that are open to retail investors could enhance the internal market. Since the consultation, the Regulation on European Long-term Investment Funds has been published. This Regulation establishes a new type of collective investment vehicle that allows investors to invest in companies and projects that need long-term capital.

Improvements to the UCITS Directive The Commission considered whether certain provisions of the UCITS Directive needed to be reviewed to improve their operation or to fill perceived gaps in their implementation. These areas included self-managed investment companies, master-feeder structures, fund mergers, notification procedures and further alignment with the Alternative Investment Fund Managers Directive.

86

In a nutshellThe European Commission has published legislative proposals for a regulation and a directive on cross-border distribution of collective investment funds. The proposals contain amendments to the Undertakings for Collective Investment in Transferable Securities (UCITS) IV Directive and the Alternative Investment Fund Managers Directive (AIFMD). The Commission considers that a series of factors are restricting the cross-border activity of investment funds and therefore the EU investment fund market has not exploited its full potential in terms of cross-border distribution. The purpose of the proposed directive and regulation is to improve transparency, remove overly complex and burdensome requirements and harmonise national rules. The Commission expects that these proposals will be adopted before the European Parliament elections in May 2019.

Cross-border distribution of collective investment funds

2021

Proposed date for the legislation to apply

Key dates

May 2019

Proposed deadline for the adoption of the legislation

EU Asset management

Proposed

87

Core componentsHarmonisation of EU requirementsThe proposed regulation contains harmonised requirements for:• Marketing communications: marketing

communications should be identified as such and present the risk and rewards of purchasing units or shares of alternative investment funds (AIFs) and UCITS in a prominent manner. Marketing communications must be fair, clear and not misleading

• Transparency framework for national provisions on marketing requirements: competent authorities are required to publish on their website laws, regulations and administrative provisions governing marketing rules for AIFs and UCITS

• The European Securities and Markets Authority (ESMA) obligations: ESMA must publish and maintain on its website a central database of all alternative investment fund managers (AIFMs), UCITS management companies, AIFs and UCITS. ESMA must also maintain a dedicated database containing national marketing requirement rules.

Amendments to the Undertakings for Collective Investment in Transferable Securities IV DirectiveThe proposed directive contains the following amendments to the UCITS IV Directive:• Requirements on physical presence: Member

States will be banned from requiring local facilities in the Member States where UCITS are marketed

• Discontinuation of marketing: new conditions are created for UCITS that decide to discontinue their marketing activities in a Member State

• Notification procedures for changes to UCITS: the procedures governing the notification to competent authorities of the changes that UCITS are planning in relation to their manager fund are aligned to those set out in the AIFMD.

Amendments to the Alternative Investment Fund Managers DirectiveThe proposed directive contains the following amendments to the AIFMD:• Pre-marketing: the directive sets out the

conditions under which an EU AIFM can engage in pre-marketing activities. AIFMs will be allowed to test an investment idea or strategy with professional investors but will not be able to promote an established AIF without notification

• Discontinuation of marketing: new conditions are created for AIFMs that wish to stop their marketing activities in a Member State

• Consistent treatment of retail investors: the directive introduces requirements to ensure a consistent treatment of retail investors regardless of the type of fund in which they invest.

Cross-border distribution of collective investment funds

88

InsuranceInsurance: Key regulatory developments 91

Insurance Distribution Directive 92

Solvency II 94

International Financial Reporting Standards 17 96“The generally persistent soft market conditions in most lines combined with the ongoing anaemic interest rate environment leaves insurers facing a range of strategic dilemmas and business model challenges, which will in turn be likely to result in heightened supervisory scrutiny from regulators.”

Sarah Talbott Partner - Advisory T +44 (0)20 7865 2815 E [email protected]

89

Insurance: Key regulatory developments

This year will be another year of significant regulatory change in the insurance sector, against the constantly evolving backdrop of Brexit. The generally persistent soft market conditions in most lines combined with the ongoing anaemic interest rate environment leaves insurers facing a range of strategic dilemmas and business model challenges, which will in turn be likely to result in heightened supervisory scrutiny from both the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA). Firms face ongoing challenges meeting customer expectations in an increasingly tech-enabled world in the context of growing pressure on rate strength and profitability. In addition, firms must also implement and operationally embed major conduct and distribution-driven requirements imposed by the IDD and the PRIIPs Regulation, data protection rules introduced under the GDPR and the application of the SM&CR to insurers and distributors alike.

Solvency IITwo years after its implementation, the Solvency II regime is under review and the object of intense debate. At a national level, the PRA has suggested a series of improvements that include: simplifying transitional measures on the technical provisions’ recalculation process, decreasing the burden of national specific reporting and reviewing the policy on mandatory audits of Solvency and Financial Condition Reports. In a recent publication, the PRA stated that it considers that there are certain areas, including risk margin, where Solvency II is not working as intended. Nevertheless, while the UK continues to be a member of the EU, these issues will be governed by the Solvency II framework. We believe that in a post-Brexit world, the PRA could give serious consideration to reducing the risk margin.

IDDWe expect the IDD will result in substantial operational change for both insurers and the wide variety of insurance distributors across the EU. The objective of the Directive is to create a level playing field for all firms selling insurance products. Moreover, certain parts of the Directive are aligned to existing rules under MiFID II, which we expect will encourage consistency across the sector. The application date for the IDD was delayed to 1 October 2018, which we regard as a positive development for market participants, regulators and policymakers. However, this should not delay firms’ implementation planning; both insurers and distributors will need to keep their ‘foot on the pedal’. Depending on a firm’s role and responsibilities in the value chain, there may be a need to make profound changes, for example in product governance and approval processes to ensure products demonstrably meet their target customers’ needs.

The regulatory pressure on distributors is wider than the IDD, which is principally focused on retail products. It also potentially cuts deeper than it ever has before, to consider the role and function of commercial insurance distribution holistically at market level. The strongest evidence of this shifting emphasis is the FCA’s market study of wholesale insurance brokers, which considers the Lloyd’s and London insurance market through a competition lens for the first time. The results of the study, and the outcomes of the FCA’s supervisory work on value in distribution chains, are expected at the end of 2018. Both insurers and distributors should prepare to review these reports. The FCA will expect all firms to act promptly, following the publication of these findings.

BrexitAs is the case in all financial services sectors, the insurance market is preparing for Brexit. Some firms have already announced that they will restructure their businesses to ensure they retain access to the EU market. The insurance industry will be particularly affected by the issue of contract continuity, discussed further in our Brexit analysis. To ensure continuity of contracts with their European Economic Area (EEA) customers, some insurance companies are considering transferring insurance contracts to legal entities located in the EEA that possess the necessary authorisations. Such transfers can be done in bulk using the procedure in Part VII of the Financial Services and Markets Act 2000. Our industry experts expect continued uncertainty to result in an upsurge of Part VII activity as well as a surge in activity for EU firms seeking authorisation by the PRA to ensure continued access to the UK market.

90

In a nutshellThe Insurance Distribution Directive (IDD) amends and replaces the Insurance Mediation Directive (IMD). This Directive is designed to improve the EU regulation in the insurance market; its objectives are to ensure a level playing field among institutions involved in the sale of insurance products, make it easier for firms to trade cross-border and strengthen stakeholder protection. While the IDD is a minimum harmonising directive, the European Commission considers that it will significantly raise the standards of the IMD. The regulation is aligned to the requirements in MiFID II and Solvency II. The IDD was published in the Official Journal of the EU on 2 February 2016 and entered into force on 22 February 2016. Member States were required to bring into force the laws, regulations and administrative provisions necessary to comply with the IDD by 23 February 2018.

Insurance Distribution Directive

EU InsuranceEnacted

91

Core componentsScopeWhereas the IMD focused on the sale of insurance policies by insurance intermediaries, the IDD extends the scope of the IMD to all distributors of insurance products, including insurers and reinsurers that sell directly to customers. The term ‘distribution’ has a much wider application than focusing only on the sale of the insurance product. Distribution applies to product design and development, product marketing, the sale of the product and after-sales activity, including claims handling.

Appropriate knowledge and abilityThe IDD recognises the importance of guaranteeing high levels of professionalism and competence. Consequently, Member States must ensure that insurance and reinsurance distributors and employees (and their managers) of insurance and reinsurance undertakings possess ‘appropriate knowledge and ability’ to complete their tasks and perform their duties adequately.

Disclosure informationThe IDD builds on the pre-contract disclosure firms are required to make. Firms will have to confirm whether they:• are an insurer or an intermediary• give advice or information only• act on behalf of the customer or the insurer.

Intermediaries will also be required to disclose the nature and basis of any remuneration they receive from insurers for selling their products. The nature is the type of remuneration (ie commission). The basis is the source of the remuneration. The FCA also requires that firms include the source of the remuneration (ie a percentage of the premium the customer pays).

Where employees are remunerated on the basis of achieving sales targets, the nature and basis of such remuneration must also be disclosed prior to conclusion of the contract.

Conduct of business The IDD imposes the requirement to provide a consumer with an insurance product information document for each policy sold (including at renewal). This is a standardised way of providing consumers with a policy’s key features, benefits, limitations and exclusions.

Demands and needsIn an expansion of the requirements relating to establishing a customer’s demands and needs, firms are required to only present to customers products that meet their identified demands and needs. A firm must also provide an individual demands and needs statement to the customer before conclusion of the contract.

Insurance-based investment products (IBIPs)The IDD introduces suitability or appropriateness tests for all sales of IBIPs and for some fund switches (Member States can decide whether to provide this information to professional customers). The conduct of business requirements in relation to IBIPs are aligned to those of MiFID II to ensure cross-sector consistency.

Product governanceCurrent product governance and oversight rules have been amended to meet the requirements of the IDD. Firms must have product governance processes in place. All new products and significant changes to existing products must go through a formal approval process. The approval process should consider:• the complexity of the product• the risk of the product resulting in customer

detriment (ie payment protection insurance)• the characteristics of the target market.

Firms are also required to undertake product reviews on a regular, but appropriate, basis.

PassportingThe passporting provisions in the IDD provide greater detail and clarity on the procedure for cross-border entry by intermediaries into insurance markets across the EU.

Conflicts of interestThe IDD contains more effective management and mitigation rules to manage conflicts of interest. New rules have been introduced to address the risk of conflicts of interest between sellers and consumers. The IDD provisions on conflicts of interest mirror the requirements imposed on investment firms by MiFID II.

Bundle productsThe IDD introduces special disclosure requirements where suppliers bundle products together. Customers must be informed of the possibility of acquiring the bundled products separately.

Administrative sanctionsThe IDD increases the level of harmonisation of administrative sanctions for breach of key IDD provisions; these must be ‘effective, proportionate and dissuasive’. Member States have the right to provide for and impose criminal sanctions for the breach of IDD provisions.

Cross-border tradeThe IDD imposes the obligation on Member States to take the necessary steps to ensure appropriate publication of the relevant national legal provisions protecting the general good that are applicable to insurance and reinsurance distribution activities carried on in their territory. The provision of this information is designed to increase legal certainty and transparency for customers and firms on a cross-border basis.

IDD

9292

In a nutshellSolvency II provides a framework for a European Economic Area (EEA) solvency and supervisory regime for the insurance sector. It creates a consistent risk-based approach to calculating capital for insurers and reinsurers that takes into account all risks insurers face. Additionally, Solvency II establishes a modernised supervisory system designed to provide uniform levels of protection. Firms were required to implement Solvency II from 1 January 2016. The Directive contained a number of transitional provisions designed to avoid market disruption and allow a smooth transition to the new regime.

Solvency IIEU InsuranceEnacted

93

Core componentsSolvency II comprises three ‘pillars’.

Pillar IThis contains Solvency II quantitative requirements. Under this pillar, firms must demonstrate that they have enough resources to satisfy the Solvency II capital requirements.• Valuation of assets and liabilities: Solvency II

states the methodology insurers must use to value assets and liabilities

• Technical provisions: firms are required to hold technical provisions to cover all their expected future insurance and reinsurance contractual liabilities. These provisions must be calculated in a reliable and objective manner

• Determination of own funds: in addition to holding technical provisions, a firm must have enough capital to cover the higher of the minimum capital requirement (MCR) or solvency capital requirement (SCR). The regulatory capital a firm holds to cover technical provisions, SCR and MCR is known as ‘own funds’. Solvency II sets out the different categories of assets that can contribute to meeting capital requirements

• MCR: is the minimum level of security below which the amount of financial resources should not fall. When an insurer’s capital falls below the MCR, its supervisor is likely to stop it writing business

• SCR: represents the level of capital that insurers are expected to maintain. If an insurer’s capital falls below the SCR, the

insurer will have to put a plan in place (and agree it with their supervisor) to correct the situation within a limited period (often six months). Insurers can calculate their regulatory capital by using either a standard formula or by developing an internal model that needs to be approved

• Firms in difficulty: firms must have procedures in place to identify when their conditions start to deteriorate. If this occurs, they are required to notify their supervisors as soon as such deterioration occurs.

Pillar II This sets out Solvency II qualitative requirements. Under this pillar, firms are required to develop and embed systems to identify, measure and proactively manage the risks the firm is or may be exposed to.• Governance systems: Solvency II sets out

requirements on governance. Firms must have an effective system of governance. The governance system must include an adequate, transparent organisational structure with clear allocation and segregation of responsibilities. Additionally, firms are required to have written policies approved by management relating to risk management, compliance, internal audit and outsourcing (when relevant)

• Risk management systems: firms must have in place effective risk-management systems with strategies, processes and reporting procedures adequate to identify, measure,

monitor, manage and report all risks that the firm is, or may be, exposed to.

• Four key functions: Firms are required to establish the following key functions: risk management, compliance, internal audit and actuarial. A key function holder must be appointed for each of these functions

• Own risk and solvency assessment (ORSA): firms are required to carry out their ORSA. This assessment should be proportionate to the nature, scale and complexity of the risks inherent to the business and forward looking. The ORSA must at least include an assessment of the firm’s solvency needs, compliance with the Solvency II requirements and the significance with which a firm’s risk profile deviates from the assumptions underlying the SCR calculations. Firms have to carry out an ORSA regularly and following a significant change in risk profile

• Supervisory Review Process: supervisors are required to review and evaluate the strategies, processes and reporting procedures that firms have established to comply with Solvency II. As a last resort, supervisors can impose a ‘capital add-on’ when a firm’s risk profile deviates significantly from the assumptions underlying its SCR or the firm has significant governance deficiencies. When deciding what action to take, supervisors must consider the potential impact of their decision on financial stability.

Pillar IIIThis ensures consistent public disclosure and supervisory reporting across the EEA.• Required information: as a minimum, firms

need to send regulators the information necessary to assess the firm’s system of governance, the business it is pursuing, the valuation principles applied for solvency purposes, the risks faced, the risk management structure, the firm’s capital structure, needs and management

• Solvency and Financial Condition Report (SFCR): firms need to publish on an annual basis a report that provides detailed information on the firm’s solvency and financial condition. Until the end of 2020, Member States can decide whether firms have to disclose separately capital add-ons imposed by supervisors

• Regular Supervisory Report: insurers cannot disclose information in their SFCR if they consider it would result in a significant unfair advantage to their competitors or when it is the subject of secrecy or confidentiality. However, firms have to provide this type of information to their supervisors.

Solvency II

9494

In a nutshellIFRS 17 is an international accounting standard that sets out the requirements a company should apply when reporting information about insurance contracts it issues and reinsurance contracts it holds. It replaces interim standard IFRS 4 and will be effective from 1 January 2021. IFRS 17:• Provides updated information about the

obligations, risks and performance of insurance contracts

• Increases the transparency of the financial information reported by insurance companies

• Introduces consistent accounting for all insurance contracts based on a current measurement model.

Entities applying IFRS 9 ‘Financial Instruments’ and IFRS 15 ‘Revenue from Contracts with Customers’ before the application of IFRS 17 are permitted to apply the standard early.

International Financial Reporting Standards 17EU InsuranceEnacted

Core componentsInsurance obligations and risksThe main objective of IFRS 17 is to provide current updated information about the effect of insurance contracts on a company’s financial position and risk exposure. Under IFRS 17, a company that issues insurance contracts must report them on the balance sheet as the total of the fulfilment cash flows and the contractual service margin.• The fulfilment cash flows is the estimated

amount that the insurer expects to collect from premiums and pay out for claims, benefits and expenses. Under IFRS 17, companies need to update the fulfilment cash flows at each reporting date using estimates that are consistent with relevant market information

• The contractual service margin is the expected profit for providing future insurance coverage.

Insurance performanceIFRS 17 requires a company to provide information that differentiates the two ways insurers make profits from insurance contracts: the insurance service result (profit earned from providing insurance coverage) and the financial result (encompasses investment income from managing financial assets and insurance finance expenses from insurance obligations). The timely recognition of losses from insurance contracts will provide important information about the future sustainability of the companies using insurance contracts.

Insurance revenue Companies will report as insurance revenue the amount charged for insurance coverage when it is earned, not when the company receives premiums. Additionally, insurance revenue will exclude the deposits that represent the investment of the policyholder. These requirements for the recognition of revenue are consistent with recognition of revenue for most contracts with customers in other industries.

Improved profitability informationIFRS 17 will provide useful information about the current and future profitability of insurance contracts. When applying the standard, a company will identify a portfolio of insurance contracts. Once those have been identified, each portfolio will be divided into groups considering differences in the expected portfolios of contracts (only contracts issued within the same year can be included in the same group).

VolatilityIFRS 17 offers various options to prevent accounting mismatches. Any volatility in the amount recognised in profit or loss will mainly reflect changes in economic conditions. Not all the changes in estimates will immediately affect profit or loss. Moreover, IFRS 17 offers various features to reduce volatility such as: a variable fee approach, options for risk mitigation and an option for the presentation of changes in financial assumptions.

95

GlossaryAIFMs alternative investment fund managersAIFs alternative investment funds

AML anti-money launderingAMLD4 Fourth Money Laundering DirectiveAMLD5 Fifth Money Laundering DirectiveASF available stable fundingBCBS Basel Committee on Banking SupervisionBIS Bank of International SettlementsBMR Benchmarks RegulationBRRD Bank Recovery and Resolution DirectiveCAs competent authoritiesCASS Client Assets CCPs central counterpartiesCCR counterparty credit riskCDD customer due diligenceCFA17 Criminal Finances Act 2017CMU capital markets unionCRD Capital Requirements DirectiveCRR Capital Requirements RegulationCSDs central securities depositoriesCSDR Central Securities Depository RegulationCTF counter-terrorist financingDPA Data Protection ActDPO data protection officers EDD enhanced due diligence

EEA European Economic AreaELTIF European Long-term Investment FundEMIR European Market Infrastructure RegulationEPM efficient portfolio managementESMA European Securities and Markets AuthorityEuSEF European Social Entrepreneurship FundsEuVECA European Venture Capital FundsFATF Financial Action Task ForceFCA Financial Conduct AuthorityFIUs Financial Intelligence Units FRC Financial Reporting Council FSB Financial Stability BoardGDPR General Data Protection Regulation G-SIIs Global Systemically Important InstitutionsHMRC Her Majesty's Revenue and CustomsIBIPs insurance-based investment productsIDD Insurance Distribution Directive IFR Investment Firms RegulationIM initial marginIMD Insurance Mediation DirectiveIFR Investment Firms RegulationKIDs key information documentsLCR liquidity coverage ratioMAD II Market Abuse Directive II MAR Market Abuse Regulation

MCD Mortgage Credit DirectiveMCR minimum capital requirementMiFID II Markets in Financial Instruments Directive IIMiFIR Markets in Financial Instruments RegulationMLR17 The Money Laundering, Terrorist Financing

and Transfer of Funds (Information on the Payer) Regulations 2017

MMFs money market fundsMREL minimum requirement for own funds and

eligible liabilitiesNCAs national competent authoritiesNSFR Net stable funding ratioOFSI Office of Financial Sanctions

ImplementationORSA own risk and solvency assessmentOTC over-the-counterPAD Payments Account DirectivePRIIPs Packaged Retail and Insurance-based

Investment ProductsPCA Policing and Crime Act 2017PEPP pan-European personal pension product PEPs politically exposed personsPOCA Proceeds of Crime Act 2002PPPs personal pension productsPRA Prudential Regulation Authority

PPPs Personal Pension Products PSD Payment Services DirectivePSU payment service userRSF required amount of stable financingSA-CCR standardised approach to counterparty

credit riskSAR Suspicious Activity ReportSCR solvency capital requirementSFCR Solvency and Financial Condition ReportSFO Serious Fraud OfficeSFT Securities financing transactionsSFTR Securities Financing Transactions

RegulationSIMR Senior Insurance Managers RegimeSM&CR Senior Managers and Certification Regime SMF Senior Management FunctionsSSM Single Supervisory MechanismTLAC Total loss absorbing capacityTPA third-party administratorTRs trade repositoriesUCITS Undertakings for Collective Investment in

Transferable SecuritiesUDs unbreakable depositsUWOs unexplained wealth ordersWTR Wire Transfer Regulation

96

Financial services team

Andrew HeffronPartner – Audit T +44 20 7184 4354 E [email protected]

Marcus SwalesPartner – Audit T +44 20 7865 2320 E [email protected]

Dana WardPartner – TaxT +44 20 7728 3316 E [email protected]

Alex EllertonPartner – Advisory T +44 (0)20 7184 4627 E [email protected]

David RoylePartner – Advisory T +44 20 7865 2834 E [email protected]

James CruttendenPartner – Advisory T +44 20 7865 2495 E [email protected]

Paul FlatleyPartner – Audit T +44 20 7728 2779 E [email protected]

Sam PointonPartner – Audit T +44 20 7728 2167 E [email protected]

Terry HeatleyPartner – Tax T +44 20 7865 2685 E [email protected]

David MorreyPartner – Advisory T +44 20 7865 2657 E [email protected]

Manu SharmaPartner – Advisory T +44 (0)20 7865 2406 E [email protected]

Jon SperrinPartner – Advisory T +44 20 7728 2561 E [email protected]

Our Financial Services Group is committed to working with our clients to shape a successful economy founded upon sustainable growth, trust, integrity and innovation. We work with many of the world’s most influential growth businesses, building long-term relationships founded upon exceptional client service, trusted and reliable delivery and a shared desire to achieve transformational results.

Paul GarbuttPartner – Advisory T +44 20 7865 2170 E [email protected]

Roy O’NeilPartner – Advisory T +44 20 7865 2540 E [email protected]

Sarah TalbottPartner – Advisory T +44 20 7865 2815 E [email protected]

Tom TownsonPartner – Advisory T +44 20 7865 2175 E [email protected]

Rob BensonPartner – Advisory T +44 20 7865 2415 E [email protected]

Sandy KumarHead of Financial Services T +44 20 7865 2193 E [email protected]

Tim RoffPartner – Advisory T +44 20 7865 2871 E [email protected]

97

© 2018 Grant Thornton UK LLP. All rights reserved.‘Grant Thornton’ refers to the brand under which the Grant Thornton member firms provide assurance, tax and advisory services to their clients and/or refers to one or more member firms, as the context requires. Grant Thornton UK LLP is a member firm of Grant Thornton International Ltd (GTIL). GTIL and the member firms are not a worldwide partnership. GTIL and each member firm is a separate legal entity. Services are delivered by the member firms. GTIL does not provide services to clients. GTIL and its member firms are not agents of, and do not obligate, one another and are not liable for one another’s acts or omissions. This publication has been prepared only as a guide. No responsibility can be accepted by us for loss occasioned to any person acting or refraining from acting as a result of any material in this publication.

GRT108313grantthornton.co.uk

Documents

Financial Services Group - Grant Thornton UK LLP€¦ · the outcome, financial institutions will welcome the relative certainty that will come with the conclusion of negotiations