11. Juli 2019
From new rules for P2P platforms, to recommendations on the UK's Suspicious Activity Reporting Regime, Taylor Wessing takes a look at the latest regulatory developments in the world of financial services.
The European Banking Authority (EBA) has published an Opinion on the elements of Strong Customer Authentication (SCA), which will legally apply from 14 September 2019. In particular, the EBA have provided a non-exhaustive list of the types of authentication which it has seen in the market and observed whether these are considered to be compliant with the SCA rules.
Whilst the EBA has reiterated the application date of SCA, it "acknowledges the complexity of the payments markets across the EU and the necessary changes… required to enable the issuer to apply SCA… which may be challenging and may lead to some actors in the payments chain not being ready."
The EBA therefore accepts that "on an exceptional basis and in order to avoid unintended negative consequences for some payment service users", national competent authorities may decide to work with payment service providers and relevant stakeholders to provide limited additional time to allow issuers to migrate to authentication approaches that are compliant with SCA (such as those described in the Opinion).
The European Commission has explained that it welcomes the clarifications in the Opinion and "calls on all market players to step up their efforts in the run-up to 14 September".
The FCA has published the fourth version of "Our Approach", its payment services and e-money focused framework.
This updated document adds guidance on refused payment fees consulted on in CP 18/42, shedding further light on the categories of costs that may properly be considered when setting the level of fees.
This guidance forms new paragraphs 8.251 to 8.259, but the FCA disclaims that the document has not otherwise been reviewed or updated.
On 4 June 2019, the FCA published a Policy Statement setting out the final positions it has reached on the rules and guidance that apply to peer-to-peer (P2P) platforms. It also discusses existing rules that apply to investment-based crowdfunding platforms.
In summary, the FCA is:
The new rules will apply to P2P platforms from 9 December 2019, with the exception of the rules relating to home finance products (which came into effect on 4 June 2019). The FCA plans to closely monitor the crowdfunding market as it continues to develop.
The PRA has published its annual report for the year ended 28 February 2019. The PRA states that it is putting an increasing emphasis on emerging risks (including Brexit, cyber and climate) and that moving forward, it will be taking advantage of the opportunities afforded by technology in order to "supervise more effectively and efficiently".
Amongst other things, the report contains a review of the PRA's activities throughout 2018 to 2019, touching on:
On 4 June 2019, European Securities and Markets Authority (ESMA) published an updated version of its Q&As on the Alternative Investment Fund Managers Directive (AIFMD) and an updated version of its Q&As on the application Undertakings for Collective Investment in Transferable Securities (UCITS) Directive.
The AIFMD Q&As relate to:
The UCITS Q&As relate to:
On 18 June 2019, the FCA published an open letter from Andrew Bailey (the FCA's Chief Executive) to Nicky Morgan MP (Chair of the Treasury), surrounding the suspension of Neil Woodford's flagship fund, LF Woodford Equity Income Fund (WEIF), which prevented investors from accessing their accounts for more than two weeks.
The letter explains that Link Fund Solutions (WEIF's fund manager) deemed the suspension necessary due to the risk that assets would have to be sold at prices below current values and that the resulting composition of WEIF's assets would be more illiquid than current values.
The letter also discusses the purpose of a suspension and the factors which dictate how long a suspension should be and at what point the FCA will intervene in a suspension.
Following this letter, Andrew Bailey faced enquiries from the Treasury Committee over the regulator's handling of the fund's gating at a hearing on 24 June 2019. He said that WEIF's managers were able to engage in "regulatory arbitrage" by exploiting gaps in the UCITS regulations and that "they were using the rules to the full, and they were not telling us they were doing that."
On 18 June, 2019, the International Organisation of Securities Commissions (IOSCO) published the final report of its cyber taskforce.
The report seeks to promote sound cyber practices across all IOSCO members and provides an overview of three internationally-recognised cyber standards and frameworks used by IOSCO members, which the report refers to as "core standards".
The report is designed to be used as a resource by regulators and to raise awareness of existing international cyber standards and frameworks, and to encourage the adoption of good practices to protect against cyber risk.
By highlighting the application of core standards by some IOSCO members, the taskforce hopes more members will review their own cyber standards against the core standards and where relevant, use the core standards as a model to further improve their cyber regimes.
The Taskforce plans to consider using sector-wide organisational surveys as part of the next phase of its work, to gain a better understanding of where the gaps lie.
On 18 June, 2019, the Law Commission published its final report, entitled Anti-Money Laundering: the SARs Regime. The report examined the current flaws in the making of suspicious activity reports (SARs), which it described as being voluminous and often of low quality.
The Report makes 19 recommendations, of which the following are the most significant:
The Government will now consider the report and decide whether or not to carry out the recommendations.
On 20 June 2019, the European Central Bank (ECB) published a speech, delivered by ECB Supervisory Board Chair Andrea Enria, on the importance of culture and governance for good banking.
In the speech, Mr Enria focuses on the progress made by the banking sector in the last few years to improve governance, conduct and culture, However, he says that more needs to be done, with considerable effort being necessary to achieve a permanent change in mindset.
The key points are as follows:
On 4 June 2019, UK Finance published "Principles for Exiting a Customer".
The principles outline the approach that a bank should adopt when communicating a decision to a customer that it cannot offer, or continue with, the provision of its service. It is important for the bank to engage with its customer, before taking an exit decision.
The principles do acknowledge, however, that it may not always be appropriate or permissible for a bank to engage in a dialogue to explain its reasoning. Such situations may include a breach of terms and conditions (including fraud), abusive or threatening behaviour to colleagues, and directions from regulators, the government, police and other authorities.
The principles also consider the importance of the bank engaging with its customer following an exit decision. They state that (amongst other matters), the bank should:
In every case, the bank must always ensure that the customer is treated fairly.
On 21 June 2019, the FCA published the final notice (dated 20 June 2019) that was issued to the Bank of Scotland (BOS). BOS was fined £45.5 million for failing to disclose information about its suspicions relating to fraud.
The FCA found that BOS had failed to be open and co-operative with the FSA and failed to disclose information in relation to their suspicions that fraud may have happened within the Reading-based impaired assets (IAR) team of Halifax Bank of Scotland (HBOS). This was in breach of Principle 11 of the FCA's Principles for Businesses.
In early 2017, BOS discovered a serious control breakdown in IAR. The IAR's regional director had been sanctioning limits and additional lending facilities beyond the scope of their authority. This had remained undetected for at least three years.
By May 2007, BOS had identified suspicious conduct, including suspicions of fraud and knew that the impact of these breaches would result in substantial losses.
The FCA viewed the failings as particularly serious for reasons, which included the following:
On 6 June 2019, the Bank of England (BoE) published its annual report under the Prescribed Persons (Reports on Disclosures of Information) Regulations 2017.
The report covers the period for 1 April 2018 to 31 March 2019 and summarises the whistleblowing disclosures received by the BoE and the PRA. The report states that the BoE and the PRA have received 160 disclosures, of which 128 were qualifying disclosures, which have been the subject of supervisory consideration.
Four cases (including three cases considered by the PRA, which originated from the FCA) have been referred to the BoE's enforcement litigation division and 24 cases have been referred to the FCA. The report states that 13 disclosures were of "significant value" and contributed to the discharge of regulatory activity.
The remaining cases were either not immediately actionable, did not meet current regulatory risk thresholds, were of little value or are still under assessment.
What was the largest numerical bill to ever circulate as legal tender?
Answer to last month's question: £31