ICYMI
- High Court strikes out APP fraud claims against receiving payment service provider
- The IP in AI: Recent Updates and Developments
Global
BIS paper: AI and the economy – implications for central banks
The Bank for International Settlements (BIS) has pre-released a chapter from its 2024 Annual Economic Report on how artificial intelligence (AI) directly affects central banks, both as stewards of the economy and users of AI tools.
Highlights from the chapter include:
- central banks should embrace AI, anticipating its impact on the economy and financial system and harnessing it in their own operations;
- the financial sector is among the most exposed to the benefits and risks of AI; and
- the increased importance of data as a cornerstone of the AI revolution hastens the need for central bank cooperation.
The full Annual Economic Report will be released on 30 June 2024. [25 Jun 2024] #AI
Europe
EIOPA & EBA: Q&As on DORA
EIOPA has published the answers to a number questions it has received regarding the Digital Operational Resilience Act (DORA), including:
- Question 2734 – DORA003 Which alternative investment fund managers (AIFMs) are captured within the scope of application of DORA under Articles 2(1)(k) and 2(3)(a) of DORA?
- Question 2750 - DORA006 What is the level of engagement required for an ICT service to be considered as “support[ing] critical or important functions”?
- Question 2748 – DORA005 Is the term “critical or important function” as defined in DORA to be understood as being equivalent to “critical or important functions or activities” under the Solvency II regime? If not, which functions are to be considered as critical or important for insurance companies?
- Question 2787 – DORA011 Is it possible for an entity to have two different size classifications – one under DORA and one under Commission Recommendation 2002/361/EC?
- Question 2790 – DORA012 Can competent authorities in DORA publish decisions relating to administrative penalties and remedial measures, or can they only publish decisions on administrative penalties?
- Question 2994 Art. 30 III e) ii) requires undertakings to agree the right on alternative assurance levels if other clients’ rights are affected. It is unclear how to include this in the contractual agreement. Does this mean e.g. third party audits can be sufficient?
- Question 2989 Is our understanding correct, that Article 30 II lit. a) concerning the permit to subcontracting only applies to ICT third party service providers who support critical or important functions of the financial entity itself?
The EBA has also published the response to Question 2023_6876 which asks about the application of DORA to third country branches, in particular branches with limited operations. [28 Jun 2024] #DORA #OpRes
ESRB: Compliance report on implementation of Recommendation ESRB/2021/17
The European Systemic Risk Board (ESRB) has published a summary compliance report which presents the outcome of the assessment of compliance concerning the implementation of sub-Recommendation A(1), Recommendation B and Recommendation C of Recommendation ESRB/2021/17 on a pan-European systemic cyber incident coordination framework (EU-SCICF) for relevant authorities.
Recommendation ESRB/2021/17 is divided into three Recommendations (A, B and C).
Sub-Recommendation A(1) recommends that the European Supervisory Authorities (ESAs), together with the ECB, the ESRB and relevant national authorities, start preparing for the gradual development of a Union-level coordinated response in the event of a cross-border major cyber incident or related threat that could have a systemic impact on the financial sector.
Recommendation B recommends that the ESAs, the ECB and each Member State among their relevant national authorities designate a main point of contact which should be communicated to the ESAs as a base for the EU-SCICF.
Recommendation C recommends the EC consider the appropriate measures needed to ensure effective coordination of responses to systemic cyber incidents.
Overall, the Assessment Team observed full compliance with sub-Recommendation A(1) and a high level of compliance with Recommendation B. No grade was assigned in relation to Recommendation C. An overall table of results in found in Annex III to the report. [28 Jun 2024] #CyberIncident
ESMA and EBA publish guidelines on suitability of management body members and shareholders for entities under MiCAR
The European Securities and Markets Authority (ESMA) and the European Banking Authority (EBA) have published joint guidelines on the suitability of members of the management body, and on the assessment of shareholders and members with qualifying holdings for issuers of asset reference tokens (ARTs) and cryptoasset service providers (CASPs), under the Markets in Crypto Assets Regulation (MiCAR).
The first set of guidelines covers the presence of suitable management bodies within issuers of ARTs and CASPs. It provides common criteria to assess the knowledge, skills, experience, reputation, honesty and integrity of members of the management body, as well as whether they can commit sufficient time to perform their duties to ensure a sound management of these entities.
The second set of guidelines concerns the assessment of the suitability of shareholders or members with direct or indirect qualifying holdings in a supervised entity. It equips national competent authorities (NCAs) with a common methodology to assess the suitability of the shareholders and members with direct or indirect qualifying holdings for the purpose of granting authorisation as issuers of ARTs or as CASPs, and for carrying out the prudential assessment of proposed acquisitions. [27 Jun 2024] #MiCAR #ARTs #Crypto
OJ: DORA RTS
The following Commission Delegated Regulations supplementing the Digital Operational Resilience Act (DORA) have been published in the Official Journal of the European Union (OJ):
- Commission Delegated Regulation (EU) 2024/1772 supplementing DORA with regard to regulatory technical standards (RTS) specifying the criteria for the classification of ICT-related incidents and cyber threats, setting out materiality thresholds and specifying the details of reports of major incidents;
- Commission Delegated Regulation (EU) 2024/1773 supplementing DORA with regard to RTS specifying the detailed content of the policy regarding contractual arrangements on the use of ICT services supporting critical or important functions provided by ICT third-party service providers; and
- Commission Delegated Regulation (EU) 2024/1774 supplementing DORA with regard to RTS specifying ICT risk management tools, methods, processes, and policies and the simplified ICT risk management framework.
The Regulations will enter into force on the twentieth day following that of their publication in the OJ. [25 Jun 2024] #DORA #OpRes
ECB: Progress report on digital euro preparation phase
The European Central Bank (ECB) has published its first progress report on the digital euro preparation phase, which was launched on 1 November 2023 with the aim of laying the foundations for the potential issuance of a digital euro. The report outlines the progress made on key digital euro design aspects and the envisaged next steps for the project. [24 Jun 2024] #DigitalEuro #CBDC
Hong Kong
HKMA and BDF announce collaboration on wholesale CBDC
The HKMA and the Banque de France (BDF) have announced their collaboration on wholesale central bank digital currency (CBDC).
The latest collaboration is the HKMA's participation in Wave 2 of the European Central Bank's Eurosystem exploratory work. This involves the exploration of new technologies for wholesale central bank money settlement in the form of trials with actual settlement in central bank money and experiments with mock settlement in a test environment.
The BDF and the HKMA will study the interoperability between their wholesale CBDC infrastructures – the BDF's DL3S and the HKMA's Project Ensemble Sandbox. The study will focus mainly on real-time cross-border and cross-currency payments, and explore how to optimise settlement efficiency and facilitate interoperability between different jurisdictions' financial market infrastructures.
The HKMA and the BDF have recently signed a memorandum of understanding to foster innovation in wholesale CBDC and the tokenisation market. They have agreed to strengthen communication and collaboration, and lay the groundwork for further efforts on tokenisation and new technologies. [27 Jun 2024] #CBDC #Payments #Tokenisation
HKIMR publishes applied research reports on DeFi and metaverse
The Hong Kong Institute for Monetary and Financial Research (HKIMR), the research arm of the Hong Kong Academy of Finance, has announced the publication of two new applied research reports, titled 'Decentralised Finance: Current Landscape and Regulatory Developments' and 'The Metaverse: Opportunities and Challenges for the Financial Services Industry' respectively.
The reports provide an in-depth analysis on decentralised finance (DeFi) and the metaverse and their uses in the financial services industry, as well as an overview of the regulatory landscape internationally and in Hong Kong. They also discuss the findings of surveys and interviews, exploring local market practitioners’ engagement, opportunities and challenges, and the talent landscape associated with the evolution of these technologies.
The reports also conclude with some considerations with an aim to facilitate the healthy development and application of the technologies within Hong Kong’s financial services industry.
DeFi:
- Its regulation should continue to be inspired by the guiding principle of 'same activity, same risk, same regulation', with deep-dive research being crucial for enhancing the understanding of the associated risks.
- It would be worthwhile to assess the possibility of co-developing centralised and decentralised financial infrastructure as a hybrid model to enjoy the benefits of both worlds while bringing these activities within regulatory remits.
- Promoting blockchain-related talent development is also essential for addressing the knowledge gaps that hinder the adoption of virtual assets and DeFi.
- Strengthening public-private sector dialogue and collaboration can allow financial authorities to resolve regulatory uncertainty and better understand market needs.
The metaverse:
- Considerations include nurturing talent and fostering innovative entrepreneurship, supporting technology and digital infrastructure developments, increasing knowledge about the metaverse and fostering collaborations among stakeholders and across jurisdictions, as well as adapting the relevant regulatory framework to keep in view of the latest developments and establishing well-defined corporate governance structures for metaverse adoption within financial institutions. [25 Jun 2024] #DeFi #Metaverse
Singapore
MAS expands industry collaboration to scale asset tokenisation for financial services
The Monetary Authority of Singapore (MAS) has announced the expansion of initiatives to scale asset tokenisation for financial services. This includes partnering with global industry associations and financial institutions (FIs) to drive common asset tokenisation standards in fixed income, foreign exchange (FX), and asset and wealth management. [27 Jun 2024] #Tokenisation
MAS whitepaper: Global Layer One
MAS has published a whitepaper introducing the Global Layer One (GL1) initiative which explores the development of a multi-purpose, shared ledger infrastructure based on distributed ledger technology (DLT) that is envisioned to be developed by regulated financial institutions (FIs) for the financial industry. [27 Jun 2024] #DLT
US
FINRA reminder: Regulatory obligations when using GenAI and large language models
FINRA has issued Regulatory Notice 24-09 which reminds members of their regulatory obligations when using generative artificial intelligence (GenAI) and large language models. FINRA notes that its rules – which are intended to be technology neutral – and the securities laws more generally, continue to apply when member firms use GenAI or similar technologies, just as they apply when member firms use any other technology or tool. The notice does not create new legal or regulatory requirements or new interpretations of existing requirements, nor does it relieve member firms of any existing obligations under federal securities laws and regulations. [27 Jun 2024] #GenAI #AI
Rashid Ahmed
FSR & CCI Professional Support Paralegal, London
Vasuki Balasubramaniam
FSR & CCI Professional Support Paralegal, London
Disclaimer
The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.