Financial Services Regulation and Compliance - Cross Sectoral and Other November 2023

Domestic

CBI hosts annual Financial System Conference

On 8 November 2023, the Central Bank of Ireland (CBI) hosted the second annual Financial System Conference (the conference). A number of high-profile speakers attended the conference and spoke on multiple issues of global financial importance.

The CBI confirmed it is finalising its review of the Consumer Protection Code (CPC) with the CPC Consultation paper now due to issue in the new year.

A number of key updates were shared on the implementation of the new Individual Accountability Framework (IAF). In particular, it was noted that the number of prescribed responsibilities has been reviewed and reduced and that the Senior Executive Accountability Regime (SEAR) obligations will not apply to independent non-executive directors (INEDs) and non-executive directors (NEDs) for a further year.

An innovation consultation was also launched at the conference which outlines how the CBI intends to evolve and deepen its approach to innovation engagement. The innovation consultation included a commitment to establish an “Innovation Sandbox Programme”, which will provide firms and new entrants access to regulatory advice and support to develop innovations that promote better outcomes for society and the financial system.

Deputy Governor of the CBI delivers speech on “Maintaining stability in the face of volatility – financial regulation in a rapidly changing world”

On 14 November 2023, Deputy Governor Sharon Donnery delivered a speech at the Compliance Institute annual conference on “Maintaining stability in the face of volatility – financial regulation in a rapidly changing world”. Of particular importance during her speech Ms Donnery noted the following:

  • the number of payment and e-money institutions regulated by the CBI has tripled in the last six years
  • regulation of the non-bank sector is already changing to address the increasingly important role the sector plays in the financial system as well as vulnerabilities uncovered in recent years
  • the CBI’s supervisory experience of innovative and fast-growing firms identified a range of weaknesses, with significant deficiencies identified in the governance, risk management and control frameworks of some payment and e-money institutions, as well as in relation to the adequacy of safeguarding arrangements
  • the CBI will be further developing its supervisory approach to the use of AI by regulated firms in the coming year

CBI publishes Individual Accountability Framework Standards and guidance

On 16 November 2023, the CBI published its finalised guidance on the Individual Accountability Framework (IAF), three sets of draft regulations and its feedback statement on the consultation on the draft guidance.

The publications outline a number of substantive changes to aspects of the IAF, including the Senior Executive Accountability Regime (SEAR), as against the draft Guidance.

The ALG IAF team have been following these developments and have are summarised the key changes in the final guidance which is available here. A brief overview of the key changes are set out below.

  • The application of SEAR to NEDs and INEDs of in-scope firms will now be deferred by one year until 1 July 2025.
  • The CBI is considering whether a ‘materiality threshold’ should be introduced for managers of outgoing branches of in-scope firms. As such, SEAR would only apply to those when the branch exceeds a defined threshold.
  • A number of prescribed responsibilities have been removed while others have been merged or moved from the general list of prescribed responsibilities to the sector or circumstance specific list of prescribed responsibilities.
  • The template for the statement of responsibilities now contains a new section to allow firms to include details of ‘other relevant information’.
  • The CBI has clarified that pre-controlled function roles may be shared in a wider set of circumstances than set out in the draft guidance.
  • The CBI has removed the additional obligation for a regulated firm to report to the CBI where formal disciplinary action has been concluded against an individual in respect of a breach of the Conduct Standards.
  • The Business Standards are being reviewed and updated as part of the CBI’s ongoing review of the Consumer Protection Code.

CBI publishes notice of intention to recognise sustainability knowledge and competence in MCC

On 24 November 2023, the CBI published a notice of intention to recognise sustainability knowledge and competence in the Minimum Competency Code 2017 (MCC) with effect from 1 January 2025. The notice states that the CBI intends to update the competencies for retail financial products in Appendix 3 of the MCC to include competencies relating to sustainability generally for all retail financial products.

There will also be additional amendments to incorporate the suitability requirements under the Markets in Financial Instruments Directive II and Insurance Distribution Directive. The notice also states that the CBI intends to recognise sustainability training for continuing professional development hours, where it is directly relevant to a person’s role.

Director of Financial Regulation Gerry Cross delivers opening speech at ALG DORA seminar

On 23 November 2023, Gerry Cross, the Director of Financial Regulation, Policy and Risk at the CBI and Chair of the Joint European Supervisory Authorities sub-committee on Digital Operational Resilience, delivered the keynote speech at an A&L Goodbody LLP event “Financial Institution Focus – Exploring DORA’s Impact”.

Mr Cross provided a detailed overview of the progress, challenges and focus areas for the implementation of the Digital Operational Resilience Act (DORA) and confirmed that DORA remains on track for the January 2025 deadline.

Mr Cross also provided the following guiding principles behind the implementation of the framework:

  1. Momentum: recognising the urgency of the task with a nearing implementation date of 25 January.
  2. Pragmatism: given the complexity of the field with the wide range of firms and business matters the approach needs to be pragmatic to accommodate the tight timelines.
  3. Quality: commitment to delivering a high-quality framework.
  4. Proportionality: an acknowledgment that the regulation is aimed to take in to account a wide range of firms.
  5. Engagement: high quality and effective engagement and taking into consideration the views and insights of all stakeholders.

Mr. Cross further addressed the following aspects of DORA and the CBI’s work to implement them:

  • ICT risk management and ICT outsourcing risk
  • operational resilience testing & threat-led penetration testing
  • ICT related incident reporting
  • oversight of critical third-party service providers

Mr Cross concluded his speech by addressing the next steps and noted that the first set of draft regulatory technical standards have already been published with the second set expected to launch towards the end of the year.

The CBI has published its second Financial Stability Review of 2023

On 23 November 2023, the CBI published its second Financial Stability Review. The report outlines the CBI’s assessment of key risks facing the financial system, the resilience of the economy and financial system to adverse shocks, and policy actions to safeguard stability.

Notable points from the report include:

  • headline inflation is falling, however underlying inflation is proving more persistent
  • the global economy continues to face higher interest rates for longer than previously expected which in turn raises risks across financial markets 
  • commercial real estate prices in Ireland have fallen by more than 20% since mid-2022
  • domestic businesses have been supported by revenue growth, however, there has been a moderate increase in the insolvency rate and early arrears on business loans
  • the profitability of the Irish banking sector continues to increase which is driven by higher interest margins
  • the countercyclical capital buffer rate will be maintained at 1.5%

Governor of the CBI Gabriel Makhlouf commenting on the report noted that since the last review the Irish economy has continued to expand, albeit at a slower pace. While the labour market remains resilient, Mr Makhlouf emphasised that a number of previously flagged risks are now closer to materialising than in June of this year.

CBI publishes a consumer research bulletin on buy now pay later products

On 14 November 2023, the CBI published a consumer research bulletin which highlights that consumers are not aware of the risks of using buy now, pay later to pay for goods and services. Of particular note from the research bulletin were the following statistics:

  • 22% of consumers do not have a full understanding of how buy now, pay later works
  • 36% think that buy now, pay later is a method of payment rather than a form of credit
  • 38% of buy now, pay later users agree that buy now, pay later has made them more likely to purchase things they don’t need
  • 43% of users agree they often spend significantly more money than planned when they use buy now, pay later

Gerry Cross, the director of Policy and Risk at the CBI urged consumers to exercise caution and consider the risks and to budget beyond the initial payment when using short-term credit. Mr Cross also noted that the CBI has been in contact with Ireland’s largest buy now, pay later firms to ensure the terms and conditions of their products are clear and transparent for customers.

European

European Commission consults on DORA delegated acts

On 16 November 2023, the European Commission launched a public consultation on two draft delegated regulations that the Commission is empowered to adopt under Articles 31 and 43 of Regulation (EU) 2022/2554 on digital operational resilience for the financial sector. The two draft delegated regulations:

  1. specify further criteria for the designation of critical ICT third party service providers (CTPPs)
  2. determine the amount of oversight fees to be levied on CTPPs

The draft delegated act in respect of the oversight fees specifies among others informs on:

  • estimated expenditure for the fees
  • applicable turnover that should be used to calculate the fees to be charged to the CTPPs
  • arrangements for paying the fees

The draft delegated act in respect of the criteria for the designation of CTTPs follows the technical advice issued by the ESAs in September (ALG Insight here), and further supplements the CTTP’s designation criteria within the DORA Regulation by:

  • specifying the two-step assessment approach to be used by the ESAs when applying sub-criteria to the four primary criteria
  • in respect of the four primary criteria, specifying sub-criteria and respective formulas and thresholds in relation to the two steps identified for the purposes of the two-step assessment approach

The consultations will close on 14 December 2023.

European Commission and the EBA launch a number of consultations in respect of MiCA

A large amount of preparatory work has recently been undertaken in respect of the Markets in Crypto Assets Regulation (MiCA), with both the European Commission and the European Banking Authority (EBA) launching a number of consultation papers on 8 November 2023.

Consultations on draft delegated acts

The European Commission launched consultations on four draft delegated acts to be adopted under MiCA. The draft delegated acts supplement MiCA by specifying:

  1. certain criteria for classifying asset-referenced tokens (ARTs) and e-money tokens (EMTs) as significant
  2. procedural rules for the EBA to exercise the power to impose fines or periodic penalty payments on issuers of significant ARTs and EMTs
  3. criteria and factors that European Securities and Markets Authority (ESMA), the EBA and competent authorities must consider in relation to their product intervention powers
  4. fees charged by the EBA to issuers of significant ARTs and EMTs

The Commission intends to adopt the delegated acts before the application of the relevant parts of MiCA on 30 June 2024. These consultations will close on 6 December 2023.

EBA launch third batch of MiCA policy products

On November 8 2023, the EBA also launched five public consultations on MiCA which makeup, overall, ten consultation papers under. These consultations make up the third batch of MiCA policy products and will run until 8 February 2024. The areas on which the five consultations focus include:

  1. consultation on draft RTS on liquidity requirements and draft Guidelines on liquidity stress testing of relevant issuers of tokens under MiCA
  2. consultation on draft RTS on own funds requirements and stress testing of issuers under MiCA
  3. consultation on reporting of transactions with ARTs and EMTs denominated in a non-EU currency under MiCA
  4. consultation on draft RTS on supervisory colleges under MiCA
  5. consultation on draft guidelines on recovery plans for issuers of ARTS and EMTs under MiCA

EBA consults on new guidelines on preventing the abuse of funds and certain crypto-asset transfers for money laundering and terrorist financing purposes

On 24 November 2023, the EBA launched a public consultation on new guidelines on preventing the abuse of funds and certain crypto-asset transfers for money laundering and terrorist financing purposes under Regulation (EU) 2023/1113 on information accompanying transfers of funds and certain cryptoassets (Wire and Cryptoasset Transfer Regulation).

The draft guidelines specify the steps that payment service providers (PSPs), intermediary PSPs, crypto-asset service providers (CASPs) and intermediary CASPs should take to detect missing or incomplete information that accompanies a transfer of funds or crypto-assets. They also detail the procedures providers should put in place to manage a transfer of funds or a transfer of crypto-assets that lacks the required information.

The EBA draft guidelines are intended to repeal the ESA’s guidelines under Article 25 of the Wire Transfer Regulation on the measures payment service providers should take to detect missing or incomplete information on the payer or the payee, and the procedures they should put in place to manage a transfer of funds lacking the required information. The consultation focuses on areas that were not previously included in the existing guidelines, such as:

  • determining whether a card, instrument or device is used exclusively for the payment of goods or services
  • interoperability of protocols
  • identifying the specific data points to be transmitted as part of the information required and
  • self-hosted wallets

The deadline for comments on the consultation paper is 26 February 2024.

EBA issues new guidance to AML/CFT supervisors of CASPs

On 27 November 2023, the EBA published its final risk-based supervision guidelines. The guidelines extend the scope of the risk-based anti-money laundering and countering the financing of terrorism (AML/CFT) supervision to supervisors of crypto asset service providers (CASPs) as defined under MiCA.

The guidelines provide sources of information that competent authorities should consider when assessing ML/TF risks associated with CASPs. The guidelines also highlight the importance of a consistent approach in setting supervisory expectations, where multiple competent authorities are responsible for the supervision of the same institutions.

The updated guidelines will apply from 30 December 2024.

EBA consults on guidelines on complaints handling by credit servicers

On 9 November 2023, the European Banking Authority published a public consultation on its draft guidelines on complaints handling by credit servicers under the Credit Services Directive (EU) 2021/2167 (CSD).

CSD requires Member States to ensure that effective and transparent procedures for the handling of complaints from borrowers are established and maintained by credit servicers. Member States are required to adopt and publish the national measures to transpose the provisions of CSD by 29 December 2023. In its consultation, the EBA is proposing to extend the application of the existing Joint Committee guidelines which were introduced in 2014 by the ESAs, on complaints handling to credit servicers. handling to credit servicers.

The draft guidelines specify, in accordance with Article 24(1) of CSD the requirements credit servicers should comply with when establishing and maintaining effective and transparent procedures for complaints handling from borrowers. The deadlines for comments on the consultation paper is 9 February 2024.

Council of the EU adopt proposed CSDR Refit Regulation

On 27 November 2023, the Council of the EU announced in a press release that it had adopted the proposed Regulation. The European Parliament had published the provisional edition of the text of the legislative resolution adopted by it at first reading on 9 November 2023.

The proposed Regulation will enter into force 20 days after its publication in the Official Journal of the European Union. Depending on the Articles, it will apply from either 1 May 2024 or two years after entering into force.

ESAs publish amended technical standards on the mapping of external credit assessment institutions

On 13 November 2023, The Joint Committee of the three European Supervisory Authorities published two amended Implementing Technical Standards (ITS) on the mapping of credit assessments of external credit assessment institutions (ECAIs), in accordance with the Capital Requirements Regulation (CRR) and the Solvency II Directive.

The amendments reflect the outcome of a monitoring exercise on the adequacy of existing mappings, and the deregistration of three credit rating agencies. In the amended ITS the ESAs are proposing to change the credit quality step allocation for four ECAIs, and to introduce new or amended credit rating scales for seven ECAIs. In addition, the amended ITS no longer contain mapping tables for the three ECAIs, whose licenses have been revoked since the previous amendment.

The ESAs have also published individual draft mapping reports which illustrate how the methodology was applied to produce the amended mappings in line with the CRR mandate.

For more information on these topics please contact any member of A&L Goodbody's Financial Regulation Advisory team.

Date published: 14 December 2023