Careers

Learn more

Qualified professionals

Learn more

Trainee & intern programmes

Learn more

Offices

New York

Learn more

San Francisco

Learn more
A&L Goodbody logo
Financial Services Regulation and Compliance - Cross Sectoral and Other June 2024

Financial Regulation Advisory

Financial Services Regulation and Compliance - Cross Sectoral and Other June 2024

Domestically, the CBI issues Dear CEO letter on discretionary commission arrangements in the motor finance industry. At European level, the EBA publishes three sets of RTS from Phase 1 of the DORA implementation plan.

Thu 18 Jul 2024

15 min read

Domestic 

Central Bank of Ireland publishes responses to its Consultation Paper 156 and announces plans to establish Innovation Sandbox Programme in 2024

On 4 June 2024, the Central Bank of Ireland (CBI) published the responses to its Consultation Paper 156 which set out the CBI’s proposed enhancement to the approach by which they engage with innovation in the financial services industry and the establishment of the Innovation Sandbox.

There was a positive endorsement of the enhancements underway in the Innovation Hub. On the same day, the CBI also published an Innovation Hub update for 2023, which reports that the CBI’s Innovation Hub engaged with 66 firms in 2023, a 20% increase from 2022, and an increase in engagement from small early start up innovators.

Additionally, the CBI has announced its intention to establish an Innovation Sandbox Programme (programme) later this year following supportive responses to Consultation 156 by stakeholders. The programme aims to provide regulatory advice and support to innovative projects that promote better outcomes for society and the financial system. It will take a thematic approach, with the themes, together with a call for potential participants, to be issued in the coming months. The first programme will commence in Q4 of 2024.

The CBI does not propose to provide derogations or waivers from legislation or regulation, and the programme will apply the regulatory framework proportionally, with an outcome-focused, risk-based approach.

CBI publishes guidance in relation to submitting individual questionnaires for persons who are proposed to hold pre-approval controlled functions

On 5 June 2024, the CBI published updated guidance for regulated financial service providers (RFSPs), holding companies and applicant firms on the submission of individual questionnaires for persons who are proposed to hold PCFs via the CBI’s portal.

CBI publishes its Financial Stability Review 2023

On 11 June 2024, the CBI published its first Financial Stability Review for 2024 (the report). The report reflects on the main risks facing the financial system and assesses the resilience of the financial system to those risks.

The key points covered in the report include:

Dear CEO Letter regarding discretionary commission arrangements in the motor finance industry

On 12 June 2024, the CBI issued a Dear CEO letter to firms providing motor finance to consumers through hire-purchase agreements via credit intermediaries following a review by the CBI of the commission models in place in relation to those arrangements.

The CBI stated that it is not satisfied that discretionary commission arrangements (DCAs), in particular the incentives they create for credit intermediaries to apply a higher interest rate to increase the amount of commission received, are consistent with Provision 3.25A of the Consumer Protection Code 2012 (CPC). The CBI expects firms providing these products to take steps to cease the practice of DCAs immediately but no later than 31 July 2024 in anticipation of the full CPC.

The CBI also expects firms to review their approach to the disclosure of commission arrangements to consumers in accordance with both current and proposed CPC requirements and, following the review, if necessary, ensure that there is appropriate disclosure of commission arrangements to consumers and amend relevant customer documentation, as soon as possible, but no later than 30 August 2024. The outcome of the review should also be reported to the CBI by 30 September 2024. 

CBI published Regulatory Service Standards Performance Report 2023

On 18 June 2024, the CBI published its Regulatory Service Standards Performance Report for the year 2023 (the report). The report demonstrates the performance of the CBI in meeting the service standards to which it has committed in the areas of authorisation of financial service providers (FSPs) and investment funds, approval of prospectuses; assessment of pre-approval controlled function (PCF) individual questionnaire (IQ) applications; and performance of its third-party contact management service.

The CBI noted that all service standards were met for the year 2023. The CBI also reaffirmed its commitment to provide clean, open and transparent authorisation processes, all while ensuring rigorous assessment of each application against the applicable regulatory standards.

CBI introduces amendments to the Minimum Competency Code

On 19 June 2024, the CBI amended the competencies for retail financial products in Appendix 3 of the Minimum Competency Code 2017 (MCC). The amendments introduce competencies relating to sustainability for all retail financial products. The amendments also incorporate the suitability requirements under the Markets in Financial Instruments Directive II (MiFID II) and Insurance Distribution Directive (IDD).

Part 1 of the addendum outlines the amendments made to recognise sustainability knowledge and competencies in the context of the MCC. Additionally, the CBI have made certain drafting amendments to update references in the MCC which are set out in Part 2 of the addendum.

The addendum will apply to anyone selling or providing advice on financial products or services that incorporate a sustainability element from 1 January 2025.

CBI publishes its Authorisation and Gatekeeping Report

On 24 June 2024, the CBI published its first edition of the Authorisation and Gatekeeping Report (the report). The publication of the report signals the CBI’s ongoing commitment to efficiency and addresses feedback received from stakeholders that the CBI should improve their clarity and responsiveness to incoming applications.

The report outlines how the CBI discharge and continue to refine their authorisation mandate. It provides information on the authorisation framework and the CBI’s risk appetite and demonstrates the CBI’s priorities and expectations of applicant firms.The report also provides insight into the operation of the F&P regime and outlines the key challenges that the CBI see for firms seeking authorisation.

European

ECB launches a public consultation on its new guide on cloud outsourcing arrangements

On 3 June 2024, the European Central Bank (ECB) launched a public consultation on its new guide on outsourcing cloud services to cloud service providers. The guide on outsourcing of cloud services follows findings of deficiencies in banks’ IT outsourcing strategies by the ECB.

The guide seeks to provide clarity on the ECB’s understanding of the relevant legal requirements, supervisory expectations and best practices for the outsourcing of cloud services.

The consultation on the guide on outsourcing cloud services started on 3 June 2024 and will end on 15 July 2024. Subsequently, the ECB will publish comments received, along with a feedback statement and the final guide.

Memorandum of Understanding signed by ESAs and ENISA to strengthen cooperation and information exchange

On 5 June 2024, the ESAs completed a memorandum of understanding (MoU) with the European Union Agency for Cybersecurity (ENISA).

In connection with the Directive on measures for a high common level of cybersecurity (NIS2 Directive) and the Digital Operational Resilience Act (DORA), the MoU seeks to strengthen cooperation and information exchange through the establishment of a framework for cooperation, including policy implementation, incident reporting and oversight of critical information communication technologies (ICT) third-part providers. Further, it sets out to promote the regulatory convergence, facilitate cross-sectoral learning and capacity building on areas of mutual interest, and information exchange on emerging technologies. 

Chair of the Joint Committee of the ESAs and ESMA Chair, Verena Ross, stated:

This new cooperation agreement that we sign today will reinforce the collaboration between the ESAs and ENISA. By bringing together the ESAs working on cybersecurity risk in the financial sector and ENISA as the EU’s cybersecurity agency, we are further strengthening our commitment to safeguarding the financial system from information security risks. In an interconnected world, ICT risk does not limit itself to one geographical or sectoral area, making cooperation in this field crucial. Through facilitating collaboration and resource sharing, we continue to enhance our capability to detect and respond to cybersecurity threats.

ESAs publish 2023 Annual Report

On 7 June 2024, the European Supervisory Authorities (EBA, EIOPA, and ESMA, together the ESAs) published its Annual Report (the report) for the year 2023. The report focuses on the coordinated approach and discussions undertaken by the ESAs, the European Commission, and the European Systemic Risk Board (ESRB) in relation to issues of cross-sectoral importance, including joint risk assessments, sustainable finance, operational risk and digital resilience, consumer protection and financial innovation, securitisation, financial conglomerates, central clearing and the European Single Access Point (ESAP).

Commission Delegated Regulation (EU) 2024/1085 supplementing the assessment methodology verifying an institution’s compliance with the requirements to use internal models for market risk is published

On 17 June 2024, Commission Delegated Regulation (EU) 2024/1085 supplementing Regulation (EU) 575/2013 (Capital Requirements Regulation (CRR)) with regard to regulatory technical standards (RTS) on the assessment methodology under which competent authorities verify an institution’s compliance with the requirements to use internal models for market risk was published.

The RTS aims to ensure harmonisation of supervisory practices across different jurisdictions and coherence in competent authorities' assessment of whether institutions comply with the requirements laid down in CRR. In order to ensure compliance, assessments are required to follow prescribed techniques, however, must take into account the nature, size and complexity of an institution's structure and business model, the complexity of the alternative internal models, the nature of the financial products those models cover, the quality of information provided by the institution concerned, and the resources they have at their disposal.

EPC publish updated Standards of QR-codes for mobile initiated SEPA (instant) credit transfers

On 17 June 2024, the European Payments Council (EPC), published an updated standards of QR-codes for mobile initiated SEPA (instant) credit transfers. This follows the document on the Standardisation of QR-codes for MSCTs prepared by the multi-stakeholder group on mobile initiated SEPA (instant) credit transfers (MSG MSCT) in 2022, which was published in January 2023.

The updated version provides clarification that the specified QR-code format does not only have to be used within an interoperability framework between schemes for MSCTs but by any payment scheme or payment solution wishing to create interoperability amongst their payment service providers for the exchange of data between the payer and the payee to enable the payment initiation. The version also includes updated references to documents and editorial changes.

Commission Delegated Regulation (EU) 2024/1728 supplementing the CRR with regard to RTS specifying in which circumstances the conditions for identifying groups of connected clients are met published in the Official Journal

On 18 June 2024, Commission Delegated Regulation (EU) 2024/1728 supplementing the CRR with regard to RTS specifying in which circumstances the conditions for identifying groups of connected clients are met, (the Delegated Regulation) was published in the Official Journal.

The Delegated Regulation partially revokes and replaces the EBA guidelines on connected clients under Article 4(1)(39) of the CRR. It also sets out the criteria for determining whether two or more natural or legal persons who are so closely linked by idiosyncratic risk factors should be treated as a single risk. Further, the Delegated Regulation specifies the factors necessary to assess where control and economic dependencies co-exist within one group of connected clients in such a way that all relevant persons constitute a single risk.

The Delegated Regulation will enter into force on the twentieth day following its publication in the Official Journal, on 8 July 2024.

Commission Delegated Regulation setting out disclosures for STS non-ABCP traditional securitisation and on-balance-sheet securitisations published in the Official Journal

On 18 June 2024, Commission Delegated Regulation (EU) 2024/1700 supplementing Regulation ((EU) 2017/2402 (Securitisation Regulation with regard to RTS specifying, for simple, transparent and standardised (STS) non-ABCP traditional securitisation, and for STS on-balance-sheet securitisation, the content, methodologies and presentation of information related to the principal adverse impacts of the assets financed by the underlying exposures on sustainability factors, (the Delegated Regulation) was published in the Official Journal.

The Delegated Regulation seeks to introduce new optional disclosure provisions for STS securitisations through the standardisation of the type and presentation of information an originator may elect to disclose about the principle adverse impacts of assets financed by underlying exposures on socio-environmental factors. The Delegated Regulations brings the reporting requirements broadly in line with the EU Sustainable Finance Disclosure Regulation (SFDR).

The Delegated Regulation will enter into force on the twentieth day following its publication in the Official Journal of the EU, on 8 July 2024.

European Commission launches consultation and workshop series on the use of artificial intelligence in finance

On 18 June 2024, the European Commission (the Commission) launched a consultation seeking input from stakeholders on the use of artificial intelligence (AI) in the financial sector. The stakeholder input on the consultation will form the base from which the Commission will provide guidance to the financial sector for the implementation of the AI Act. Responses to the consultation are to be submitted by 13 September 2024.

Further, in conjunction with the ESAs and national supervisors, the Commission will host a workshop series. The workshops will give stakeholders an opportunity to present projects and exchange ideas about the latest developments in AI. Registration for the workshop is open until 26 July 2024.

The EU’s AML/CTF package has been published in the Official Journal

On 19 June 2024, the EU’s anti-money laundering and countering the financing of terrorism (AML/CFT) package was published in the Official Journal.

Council of the European Union agrees position on simpler financial reporting requirements

On 19 June 2024, the Council of the European Union (the Council) agreed on its proposal to simplify reporting requirements with the financial services and investment support sector.

The proposal updates existing rules on data sharing between the ESAs and other financial sector authorities to reduce administrative burden for authorities and avoid double reporting. The proposal provides for a reduction in the frequency of reporting for InvestEU implementing partners from every six months to once a year. It is hoped that this will provide a direct benefit to EU and national financial sector authorities and an indirect benefit to financial sector entities that are required to provide information to those authorities.

Once agreement is reached between the Council and the European Parliament, it will need to be formally adopted prior to it becoming law.

ECB publishes first progress report on digital euro preparation phase

On 24 June 2024, the ECB published its first progress report on the digital euro preparation phase, that was launched on 1 November 2023 with the aim of laying the foundations for the potential issuance of a digital euro.

The report details the progress made on key digital euro design aspects along with the envisaged next steps for the digital euro. It demonstrates:

EBA publishes three sets of RTS from Phase 1 of the DORA implementation plan

On 25 June 2024, three sets of RTS under the Digital Operational Resilience Act (DORA) were published in the Official Journal.

All three Commission Delegated Regulations will enter into force on 15 July 2024.

EBA sets out priorities and timetable for transition to AMLA

On 26 June 2024, the European Banking Authority (EBA) issued a factsheet in which it sets out its AML/CFT priorities ahead of the establishment of the new AML/CFT authority in the EU (AMLA). Under the EU’s new legislative AML/CFT framework, Regulation (EU) 2024/1620 (AMLA Regulation), established AMLA, which will be the dedicated AML/CFT authority in the EU.

AMLA will directly supervise credit and financial institutions that operate cross-border within the EU and are exposed to the highest ML/TF risk. AMLA will also draft AML/CFT standards and guidelines, oversee AML/CFT supervisors and co-ordinate Financial Intelligence Units.

The EBA will retain its AML/CFT powers and mandates until December 2025 to mitigate disruption and provide continuity. Additionally, the EBA will also continue working closely with AMLA going forward. After transferring its AML/CFT mandates, powers and resources to AMLA at the end of 2025, in accordance with Articles 103 and 108 of the AMLA Regulation, the EBA will remain responsible for addressing ML/TF risk across its prudential remit.

For more information on these topics plpurport ease contact any member of A&L Goodbody's Financial Regulation Advisory team.

This publication provides an overview of certain legal and regulatory developments that may be of interest to certain entities. It does not purport to provide analysis of law or legal advice and is strictly for information purposes only.