A round-up of what you might have missed in financial services regulation in the past month.
This month in summary:
On 30 September 2019 the European Banking Authority (EBA) guidelines on outsourcing published in February (the Guidelines) came into force.
The Guidelines follow MiFID II in defining outsourcing as an arrangement between a firm and a service provider by which the latter performs an activity the firm would otherwise undertake itself, as well as in distinguishing between the outsourcing of critical or important functions (critical outsourcing), triggering extra obligations, and other kinds.
The Guidelines state that firms must have written outsourcing policies in place, covering a range of points. They must keep registers of outsourcing arrangements, with more information for critical instances, and make these available to regulators on request. Firms must assess whether a proposed outsourcing will be critical, undertake due diligence on the supplier and identify risks, and for critical outsourcing notify regulators if they wish to proceed. Intra-group outsourcing is permitted but must be objectively justifiable and subject to arm's length conditions.
Outsourcing agreements must also satisfy certain requirements. Some are often addressed already, for example on data security, service levels and termination rights. Others, such as a right to object to sub-outsourcing and audit and access rights for both firms and regulators, may be less familiar to suppliers.
Contractual requirements apply to new agreements immediately. For arrangements that were already in place on 30 September, firms should make required changes on renewal and at the latest by 31 December 2021.
On 23 October, the EBA issued an opinion on disclosure to consumers of banking services through digital means under Directive 2002/65/EC (DMD), addressed to the European Commission in light of its pending evaluation of the DMD. Despite the title, the EBA makes it clear its proposals are relevant across all financial services within its scope and financial services generally, not just banking.
The EBA believes the increasing use of digital marketing has caused consumer detriment and that the DMD should therefore be revised to focus on presentational aspects of disclosure. In particular, it suggests new requirements for advertising, the prohibition of pre-ticked boxes in some circumstances, a requirement to highlight fee information, dedicated spaces for withdrawal and complaint rights, the use of texts and push notifications where appropriate and a need for firms to ensure the 'active and informed consent' of customers who commit to their services.
Some of the EBA's proposals (for example, on advertising) are already reflected in the UK to a certain extent. Nonetheless, it will be interesting to see whether DMD reform picks up on the EBA's points and what effect this may have in the UK in view of Brexit.
The FCA has published a statement entitled ‘UK’s exit from the EU delayed’. As the EU and the UK have agreed to extend the date for the UK’s departure from the EU, the FCA confirmed that firms do not need to take action to implement Brexit contingency plans for 31 October.
As a result, the FCA extended the date by which firms and funds must notify it for entry into the temporary permissions regime (TPR) to 30 January 2020. Fund managers will have until 15 January 2020 to inform the FCA if they want to make changes to their existing notification.
On 25 October 2019, the FCA published Policy Statement 19/26: Brexit – Regulatory Technical Standards for Strong Customer Authentication and Common and Secure Open Standards of Communication (PS19/26).
The EU Regulatory Technical Standards for strong customer authentication (SCA-RTS) came into force on 14 March 2018, and firms were required to comply fully by 14 September 2019.
The Payment Services Regulations 2017 (PSRs 2017) make provisions for firms to comply with the SCA-RTS. In the event of a no-deal Exit, Exit-related amendments to the PSRs 2017 will come into effect. These amendments will require firms in the UK to comply with the UK regulatory technical standards (UK-RTS) made by the FCA instead of the SCA-RTS.
Payment service providers must comply with the provisions of the UK-RTS in the event of a no-deal Brexit. In the event of a no-deal Brexit, firms should treat the FCA’s August 2019 statement regarding the 18-month adjustment period for SCA-RTS as applying to the UK-RTS.
On 15 October, the FCA published a consultation paper (CP 19/29) on its proposals for "cryptoasset businesses" to register with the FCA and then begin paying an annual periodic fee based on income.
From 10 January 2020, the FCA will be supervising cryptoasset businesses in respect of anti-money laundering (AML) and counter terrorist financing (CTF), as a result of the 5th Money Laundering Directive (5MLD), which introduces certain requirements for firms engaging in cryptoasset activities. The FCA will not be supervising cryptoasset firms for any conduct of business matters.
A new business that intends to carry on cryptoasset activities after 10 January 2020 must apply to register with the FCA for AML / CTF purposes. Existing businesses that have been carrying on ccryptoasset activities before 10 January 2020 must be registered by 10 January 2021.
The FCA proposes a registration fee of £5,000.00, together with ongoing fees, which will be based on income arising from cryptoasset business. Respondents must submit their comments:
New FCA webpage on AML/CTF regime for cryptoassets
The FCA has published a new webpage concerning the AML and CTF supervision of cryptoasset businesses under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs).
The webpage sets out which cryptoasset businesses will be covered by FCA supervision, though this scope may change once HM Treasury publishes its policy statement on 5MLD.
The webpage also includes the following key dates, together with guidance on the FCA's approach to supervision, assessment and enforcement:
On 30 September 2019, the FCA published policy statement PS19/24: Illiquid assets and open-ended funds and feedback to consultation paper CP18/27 (PS 19/24) setting out new rules applicable to non-UCITS retail schemes (NURSs), which are summarised below.
A new category of ‘funds investing in inherently illiquid assets’ (FIIA) has been created. Funds that fall into this category will be subject to additional requirements, including increased disclosure of how liquidity is managed, standard risk warnings in financial promotions, enhanced depositary oversight, and a requirement to produce liquidity risk contingency plans.
This category covers NURSs which have:
NURSs investing in inherently illiquid assets must suspend dealing where there is material uncertainty regarding the value of more than 20% of the fund’s assets. Fund managers will be able to continue to deal where they have agreed with the fund’s depositary that this is in the investors’ best interests.
Finally, fund managers of FIIAs must produce contingency plans for dealing with liquidity risks. These contingency plans must be disclosed in each fund’s prospectus, and FIIAs must have relevant agreements in place with any third parties on whom it relies to deliver the contingency plan. Depositaries are also given a specific duty to oversee the processes used to manage the liquidity of the fund.
The new rules and guidance come into force on 30 September 2020.
The LIBOR interest rate benchmark is still being used in new contracts despite the fact it will be discontinued after the end of 2021.
LIBOR, a benchmark of the average rate at which banks are willing to borrow wholesale, unsecured funds, is no longer recognised by the Bank of England (BoE) as a reliable. Market participants are instead being encouraged to use a benchmark that accurately measures transactions in today's financial markets.
The Working Group on Sterling Risk Free Reference Rates, set up by the BoE, announced in April 2017 that the Sterling Overnight Index Average (SONIA) was its preferred near risk free interest rate benchmark for sterling derivatives and financial contracts.
Transactions in the derivatives market already include SONIA rates, but the BoE wants more to be done by firms generally. It has said that firms "need to focus on shifting new business from Libor to alternative rates, and should put in place a clear transition plan to mitigate their legacy risk from older contracts."
Moving to SONIA may not be a straightforward exercise. Variation of contracts and customer communications are issues that firms will need to address. More guidance from the regulators on how firms should deal with these issues may encourage firms to accelerate their transition planning.
The Working Group on Sterling Risk Free Reference Rates (RFR WG) has sent letters to the PRA, FCA and international authorities regarding regulatory barriers and enablers to transition away from LIBOR.
In its letter to the FCA, the RFR WG had identified "a number of specific regulatory barriers", such as conduct risk and a firm's regulatory permissions.
Regarding regulatory permissions, the RFR WG noted that in order for customers with an existing LIBOR linked mortgage to be transitioned, the lender may need FCA permission to enter into a regulated mortgage contract. However, not all lenders or book owners with LIBOR linked mortgages will have the regulatory permissions to do so.
The RFR WG suggested a way around this could be for those firms to use a third party administrator (TPAs) to carry out this activity on the lender's behalf, providing of course the TPAs have the requisite regulatory permissions. The FCA has been asked to provide guidance on appropriate ways to address this issue.
Conduct Risk and LIBOR
Client communications was one example of conduct risk faced by firms. Firms are said to be concerned with how to appropriately communicate with clients about SONIA. While FCA speeches were said to be "helpful in highlighting the criticality and impact of the transition", guidelines or expectations on the reasonable steps firms should be taking to communicate the transition would be welcomed by the RFR WG.
In its letter to the PRA, the RFR WG highlights changing contractual terms as one area of concern that the PRA should be aware of.
The RFR WG mentioned that changing terms of existing securities with maturities beyond 2021, could be deemed as new securities instead of existing issuance.
It recommended authorities clarify that such a change to contractual terms for in-scope liabilities are deemed as automatic. It is thought this would mitigate what is identified as one of the significant barriers to making the transition possible.
On 16 October, the EBA issued an opinion on the deadline for strong customer authentication (SCA) implementation for e-commerce card-based transactions, saying that in its view all migration plans should be completed by 31 December 2020. It also proposed a table of dates by which national regulators should collect information from both issuing and acquiring payment service providers to keep track of progress, and stated that the flexibility it has allowed since June should be not be interpreted as a 'delay' in application of the rules.
At UK level, the FCA had set a deadline for full compliance for e-commerce at 31 March 2021, by which point the migration plan it agreed with UK Finance should be fully rolled out. So far the FCA has not revised its policy in light of the EBA's new opinion.
On 4 October 2019, the administrators of Berkeley Burke SIPP Administration Limited (BBSAL) decided to discontinue BBSAL’s appeal of the High Court’s judgment regarding the firm’s judicial review of a Financial Ombudsman Service (FOS) final decision against it.
The FCA has published a statement reminding SIPP operators of its Dear CEO letter published in October 2018, in which explains that if the outcome of a case calls into question a SIPP operator’s ability to meet financial commitments as they fall due, they should contact the FCA immediately. Firms are also reminded of their obligations to treat complainants fairly and handle complaints according to the rules set out in the Dispute Resolution Handbook.
The FCA further explains that in assessing any future regulatory applications, including applications for individuals to hold (or resume holding) FCA-approved roles, it will take account of how those individuals have acted in the context of the considerations outlined in the Dear CEO letter.
This publication is intended for general guidance and represents our understanding of the relevant law and practice as at November 2019. Specific advice should be sought for specific cases. For more information see our terms & conditions.