19 Jun What financial regulation is on the horizon for the forthcoming year?
Since March, focus has been firmly on Covid-19 but there is further financial regulation scheduled to be introduced in the remainder of 2020 and 2021 which firms need to be aware of. Both the FCA (Financial Conduct Authority) and the PRA (Prudential Regulation Authority) have published their key priorities for the year ahead, and ESMA (European Securities and Markets Authority) is due to report on some key consultations which will lead to changes, including information on MiFID II and PRIIPS (Packaged Retail Investment and Insurance-Based Products).
So, what are the key regulatory shifts that firms need to be looking out for in the forthcoming year?
Brexit and its implications
Lost slightly in the recent Covid-19 storm, Brexit is still going to have some far-reaching implications for financial services firms, particularly in the latter stages of 2020 and the beginning of 2021 after the transition period ends. The biggest issues will be equivalence and passporting rights so that firms can continue to execute cross border deals easily. In May, the UK Treasury said it is prioritising equivalence arrangements for financial services firms to try and arrange a smooth transition at the end of the year but specifics of how this could work are still to be announced.
Cross-border regulations and MiFID II
Some aspects of MiFID II are currently under review by the European Commission, and the next date for consultation reporting is scheduled for July. The MiFID (Markets in Financial Instruments Directive) framework was initially established to standardise financial regulation across EU jurisdictions but some elements of the directive have come under fire, including transaction reporting and investor protection rules. Amendments to MiFID II will probably depend on the feedback from the consultation and are likely to be complicated by the outcome of Brexit, but new rules for third-country firms accessing EU markets, including more stringent verification, are expected to come into play in 2021.
Anti-Money Laundering Regulations
Anti-Money Laundering regulations evolve constantly as regulatory bodies attempt to respond to new threats. The latest iteration of the EU’s Anti-Money Laundering Directive is 5AMLD, which came into effect on 10th January and put greater emphasis on enhanced due diligence and introduced stricter anti-money laundering regulation for cryptocurrencies and exchanges. But, just as firms are getting to grips with 5AMLD, the sixth iteration of the directive is on the horizon and expected to be introduced in December of this year, giving registered entities until July 2021 to fully implement it. The key changes include new definitions of a ‘money laundering offence’ and ‘criminal activity.’ Closer attention will need to be paid to the list of 22 predicate offences, which include environmental crime and cybercrime – the first time cybercrime has been explicitly mentioned in an AML directive. The new directive also includes an extension of the persons within a firm that can be found criminally liable for money laundering offences and increased penalties, with a potential maximum of four years imprisonment. How Anti-Money Laundering regulations might diverge from the EU directive for UK firms, post-Brexit, is unclear though but maintaining the same standard will be a crucial component of equivalence.
PRIIPS and KIDS
PRIIPS and their associated KIDs (Key Information Documents) are also under scrutiny after a consultation was launched last year and ESA published its results in January. Some of the suggested changes to KID production include altering the scenario methodology, providing alternative illustrative approaches to investors and including past performance information in a PRIIPS KID. None of these changes are likely to come into force until the end of 2021, although concerns have been raised that many UCITS share classes need to reissue their KIDs in the next 16 weeks anyway because of coronavirus-induced market volatility.
Payments and PSD2
The latest deadline for the strong customer authentication required as part of PSD2 (Payment Services Directive 2) has been pushed back for a second time to 14th September 2021. Initially, the SCA standards, which aim to improve customer security through multi-factor authentication came into effect in Europe in 2019 but the European Banking Authority gave national regulators the autonomy to push back the deadline in the face of significant technological challenges. The deadline was extended to March 2021 but now as coronavirus has wreaked havoc on the global economy, the FCA has agreed to push the deadline back further to September although it warns that, after this date “any firm that fails to comply with the requirements for SCA will be subject to full FCA supervisory and enforcement action.”
Digital finance and crypto assets
Part of the FCA’s priority plan for 2020/21 is investment in digital technologies, including deepening its engagement on AI and using technology to reduce the regulatory reporting burden on firms. To this end, it is replacing its Gabriel platform with a new system to collect firms’ data, and as part of 5AMLD, crypto assets and exchanges are required to register with the UK regulator by January 10th, 2021.
While Covid-19, and the measures to mitigate its effects, has stolen the headlines in recent months, it is clear that the regulatory requirements for financial firms are still evolving all the time. Firms need to be aware, not only about the legislation outlined above, but the other myriad of new guidelines that could come into force in the forthcoming year, as well as the potential for UK law and EU regulations to diverge after the Brexit transition period ends.