With fintech becoming such a fast-moving and increasingly regulated space, we have created a timeline of key UK and EU regulatory milestones to watch out for over the coming months and years.

October 2017

• 11 Oct: Deadline for responses to EU Commission Consultation Paper on Commission implementing Regulation pursuant to Art 16(8) Cybersecurity Directive
• 13 Oct: Deadline for responses to European Securities and Markets Authority Consultation Paper on MiFID II suitability requirements (including robo-advice)
• 26 Oct: Financial Conduct Authority (FCA) begins to accept PSD2 applications
• 31 Oct: Deadline for responses to Basel Committee on Banking Supervision Consultation Paper on implications of fintech on the banking industry and supervision
• Autumn: Payment Systems Regulator progress update on contactless mobile payments
• TBC: EU Observatory on blockchain technologies

November 2017

• 2 Nov: Deadline for responses to European Central Bank (ECB) Consultation Paper on draft guide to fintech bank licensing
• 6 Nov: Deadline for responses to European Banking Authority (EBA) Discussion Paper on approach to fintech
• 27 Nov: Deadline for responses to EU Commission roadmap on legislative proposal for EU framework on crowd and peer to peer finance
• Nov: FCA Sandbox Cohort 3 firms to commence testing

December 2017

• 12 Dec: Deadline for responses to EU Commission Consultation Paper on the review of the Directive on the re-use of public sector information
• 31 Dec: Mandate of the ECB/TARGET2- Securities Harmony Steering Group Task Force on Distributed Ledger Technology expires
• Dec: UK Government to publish response to Department for Digital, Culture, Media and Sport Consultation Paper on implementing the Cybersecurity Directive
• By end 2017: EU Commission to have prepared an initiative under the Digital Single Market to address unfair contract clauses and trading practices identified in platform-to-business relationships

Q1 2018

• 1 Jan: EBA guidelines on ICT risk assessment under SREP applicable
• 13 Jan: PSD2 regime in force; broader range of services in scope, eg account aggregation services
• 13 Jan: EBA guidelines on major incident reporting under PSD2 in force
• Early 2018: EU Commission to present Fintech Action Plan
• Spring: EU Commission Digital Single Market initiative on accessibility and reuse of public and publicly funded data
• H1: ESMA final report on MiFID II suitability requirements (including robo-advice) expected
• 2018: Interim report of the Organisation for Economic Cooperation and Development Task Force on the Digital Economy expected

Q2 2018

• 9 May: Deadline for member states required to transpose the Cybersecurity Directive (subject to adoption)
• 25 May: GDPR applies with direct effect in all EU member states
• Jun: EU member states to have plans in place for releasing the 700MHz band, facilitating 5G

2020 onwards

• By Jun 2020: All EU member states to have assigned the 700MHz band to mobile operators and made available for wireless broadband
• By 2020: Enhanced functionality to Bank of England Real-Time Gross Settlement to be mostly operational (including interoperability with distributed ledger technology)
• 2020: EU introduction of 5G

Key contacts