In this regular post, we round-up FinTech-related financial services regulatory developments for the week ending 19 January 2024.
ICYMI
- Tackling APP Fraud in the UK: where to next?
- Australian Government announces mandatory regulation for high-risk AI
- The EU Anti Money Laundering Authority and the AML reform package: an update
UK
FCA letter to P2P lending platforms and IBCF firms
The FCA has published a template version of the supervisory letters sent to the Boards of firms in the loan-based peer-to-peer (P2P) lending platforms and investment-based crowdfunding (IBCF) platforms portfolios. This regular supervisory correspondence sets out the FCA's key areas of focus for both types of firm. Both letters highlight, among other matters, the regulator's focus on the Consumer Duty. Firms are advised to review the letters and 'to take all necessary actions' to ensure that senior managers are delivering on regulatory requirements and expectations. [15 Jan 2024]
#Crowdfunding
Europe
ESAs: EFIF taxonomy of financial innovation
The European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) have published the European Financial Innovation Forum (EFIF) taxonomy of financial innovations.
The matrix is aimed at helping users categorise financial innovations by sectors, services and activities, and enabling technologies. Each service or activity is linked to a number, while each enabling technology is linked to a letter. The combination of number(s) and letter(s) is expected to further help the categorisation of financial innovations and foster the understanding of market trends. Some of the terms included in the matrix are defined in a glossary. [19 Jan 2024]
#EFIF #Taxonomy #Innovation
Council and EP strike deal on AML/CFT measures
The Council of the EU and the European Parliament (EP) have reached a provisional agreement on parts of the anti-money laundering and countering the financing of terrorism (AML/CFT) package. With the new package, all rules applying to the private sector will be transferred to a new regulation, while the directive will deal with the organisation of institutional AML/CFT systems at national level in the Member States.
The new rules provide access to beneficial ownership information and give more powers to financial intelligence units (FIUs) to analyse and detect money laundering and terrorist financing cases as well as to suspend suspicious transactions.
The rules will cover most of the crypto sector, meaning all crypto-asset service providers (CASPs) must conduct due diligence on their customers. The deal also includes a EU-wide limit on large cash payments of 10,000 euro, and measures to ensure compliance with targeted financial sanctions and avoid sanctions being circumvented.
The texts will now be finalised and presented to Member States’ representatives in the Committee of permanent representatives and the EP for approval. If approved, the Council and the EP will have to formally adopt the texts before they are published in the Official Journal of the EU (OJ) and enter into force. [18 Jan 2024]
#Crypto #CASPs
ESAs: Final first set of draft RTS and ITS under DORA
The European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) have published the first set of final draft technical standards under the Digital Operational Resilience Act (DORA) aimed at enhancing the digital operational resilience of the EU financial sector by strengthening financial entities’ information and communication technology (ICT) and third-party risk management and incident reporting frameworks.
The final draft technical standards include:
- Regulatory Technical Standards (RTS) on ICT risk management framework and on simplified ICT risk management framework;
- RTS on criteria for the classification of ICT-related incidents;
- RTS to specify the policy on ICT services supporting critical or important functions provided by ICT third-party service providers (TPPs); and
- Implementing Technical Standards (ITS) to establish the templates for the register of information.
In terms of next steps, the draft RTS and ITS have been submitted to the European Commission (EC) for adoption, which is expected to take place in the coming months. [17 Jan 2024]
#DORA #OpRes #ICT
ECB executive board member discusses cyber resilience
The European Central Bank (ECB) has published a speech by executive board member Piero Cipollone, delivered at the ninth meeting of the Euro Cyber Resilience Board (ECRB) for pan-European Financial Infrastructures. Mr Cipollone is the new chair of the ECRB.
In his speech, Mr Cipollone highlighted how the ECRB offers a unique forum for pan-European financial infrastructures, their critical service providers, central bank overseers and other key European authorities to engage on cyber risks and security. He also identified two major cyber threat areas – ransomware attacks and reliance on third party service providers – and noted the opportunities and challenges which emerging technologies like artificial intelligence (AI) and quantum computing add to the mix. [17 Jan 2024]
#ECRB #CyberResilience
EPRS briefing on the EC's impact assessment for the second revision of PSD2
The EPRS has published a briefing on the second revision of the revised Payment Services Directive (PSD2). The briefing provides an initial analysis of the strengths and weaknesses of the EC's impact assessment accompanying various proposals.
The briefing assesses four problem areas set out by the EC and notes that, while the EC's analysis is clear and logical overall, some details could have been presented in a more coherent and inclusive manner. The briefing also opines that, given concerns around cybersecurity, this aspect could have been assessed in more depth. [17 Jan 2024]
#PSD2 #CyberSecurity
EBA guidance on ML/TF risk for CASPs and for banks/credit institutions providing services to CASPs
The EBA has published its final report on amending guidelines with money laundering (ML) and terrorist financing (TF) risk factors to cryptoasset service providers (CASPs). The guidelines highlight ML/TF risk factors and mitigating measures that CASPs need to consider when assessing individual business relationships and occasional transactions.
Given the interdependence of the financial sector, the guidelines also include guidance addressed to other credit and financial institutions that have CASPs as their customers or which are exposed to cryptoassets.
The deadline for national competent authorities (NCAs) to report whether they comply with the guidelines will be two months after the publication of the translations into the official EU languages. The amending guidelines will apply from 30 December 2024. [16 Jan 2024]
#Crypto #CASPs
ECB: CBDC working paper
The European Central Bank (ECB) has published a working paper (WP) on the interaction of price and stability within the context of central bank digital currency (CBDC). The WP demonstrates the existence of a central bank trilemma. It postulates that, when a central bank is involved in financial intermediation, either directly through a CBDC or indirectly through other policy instruments, it can only achieve, at most, two out of three objectives: a socially efficient allocation; financial stability (ie absence of runs); and price stability.
The views expressed in the WP are those of the authors and do not necessarily reflect those of the ECB. [15 Jan 2024]
#CBDC
Hong Kong
SFC and Police warns public of suspected VA-related fraud
The SFC and the Hong Kong Police Force (Police) have warned the public of suspected virtual asset (VA)-related frauds involving two entities operating under the names of "Aramex" and "DIFX", purporting to be virtual asset trading platforms (VATPs).
"Aramex", "DIFX" and their respective websites were placed on the SFC's suspicious VATP alert list on 18 January 2024. The Police has taken steps to block access to the relevant websites. In both cases, the SFC and the Police shared intelligence under the joint working group that monitors and investigates illegal activities relating to VATPs. [18 Jan 2024]
#VATP #Crypto
India
RBI: Draft framework for SRO recognition in the FinTech sector
The RBI has issued a draft framework for recognising Self-Regulatory Organisations (SRO) for the FinTech sector. The draft framework lays down the characteristics of a FinTech SRO, and includes, inter alia, functions, and governance standards.
Responses are requested by 29 February 2024. [15 Jan 2024]
#FinTechSRO
US
Fed's Vice Chair for Supervision on cyber risk
The Fed has published the opening remarks delivered by Vice Chair for Supervision Michael S. Barr at the Conference on Measuring Cyber Risk in the Financial Services Sector in Boston, Massachusetts. Mr Barr noted the increasing importance of cybersecurity preparedness, emphasising the need for banks to focus on both cyber defence and cyber resilience to successful cyber-attacks. [17 Jan 2024]
#CyberRisk
Fed: Economic research – Monetary policy and CBDCs, stablecoins and narrow banks
The Fed has published a new paper in its Finance and Economics Discussion Series (FEDS). The paper, A Field Guide to Monetary Policy Implementation Issues in a New World with CBDC, Stablecoin and Narrow Banks, considers the implications of the evolving market structure for monetary policy implementation and transmission. The paper focuses on the implications of introducing new types of fixed-rate financial assets in the financial system including retail and wholesale central bank digital currency (CBDC), stablecoins issued by narrow nonbanks, and deposits issued by narrow banks.
This economic research represents the views of the authors and does not indicate concurrence either by other members of the Fed's staff or by the Fed Board of Governors. [16 Jan 2024]
#CBDC #Stablecoins
SEC charges FinTech CEO with fraud and disclosure failures
The SEC has announced that it has charged a FinTech company CEO for manipulative trading in the stock the company, using an offshore account shortly before he became CEO in 2020. The SEC has also charged the CEO with failing to disclose his beneficial ownership of the stock as well as transactions in such stock. The SEC is seeking permanent injunctive relief, a civil penalty, and an officer-and-director bar. [11 Jan 2024]
#FinTech
Disclaimer
The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.