In this regular update, we round-up FinTech-related regulatory developments for the week ending 16 April 2021.

 

Global

BCBS work programme 2021/22

The Basel Committee on Banking Supervision (BCBS) has published its work programme for 2021/22, which sets out its strategic priorities for the coming year and reflects the outcome of its recent strategic review. The work programme focuses on three key themes: Covid-19 resilience and recovery; horizon scanning and mitigation of medium-term risks and trends; and strengthening supervisory coordination and practices. The BCBS’ focus will include the ongoing digitalisation of finance; the role of AI and machine learning in both banking and in supervision; data and technology governance by banks; operational resilience; and the role of proportionality in bank regulation and supervision. [16 Apr 2021]

#AI

#MachineLearning

#OpRes

#Digitalisation

 

UK

PRA: PS8/21 – Approach to new and growing non-systemic UK banks

The PRA has published Policy Statement 8/21 (PS8/21) on its approach to new and growing non-systemic UK banks. PS8/21 contains the PRA’s final policy in:

  • a final Supervisory Statement 3/21 (SS3/21) ‘Non-systemic UK banks: The PRA’s approach to new and growing banks’;
  • an updated Supervisory Statement 31/15 (SS31/15) ‘The Internal Capital Adequacy Assessment Process (ICAAP) and the Supervisory Review and Evaluation Process (SREP)’; and
  • an updated Statement of Policy (SoP) ‘The PRA’s methodologies for setting Pillar 2 capital’.

The expectations in SS3/21 took effect on publication on 15 April 2021.

PS8/21 is relevant to banks in their first few years of authorisation and also to prospective banks. Chapter 6 of SS3/21 is relevant to non-systemic UK banks that are ‘established’, that is banks which are typically more than five years into their authorisation and are in the ‘without restrictions’ stage of their lifecycle. [15 Apr 2021]

#NewBanks

#StartUps

FCA/PRA: ‘Dear CEO’ letter on obtaining deposits via deposit aggregators

The FCA and PRA have published a template version of their ‘Dear CEO’ letter regarding obtaining deposits via deposit aggregators. The letter sets out the authorities’ views of the the risks associated with the increasing volumes of deposits that are placed with firms via deposit aggregators and how to mitigate them. It also outlines some of the key responsibilities that firms will be held accountable for. [14 Apr 2021]

#DepositAggregators

#SavingsServices

#CashPlatforms

FCA speech on regulating UK as global financial centre

The FCA has published a speech delivered by its Executive Director of International and Interim Chief Operating Officer, Nausicaa Delfas, entitled “Regulating the UK as a global financial centre”. Among other things, Ms Delfas noted that the FCA is working on bringing the recommendations set out in Ron Kalifa’s Review of UK FinTech to life. Please see our previous blog post for more details on the recommendations. [13 Apr 2021] 

#KalifaReview

 

EU

EU Commission: First meeting of ECCC Board

The EU Commission has announced that the ‘shadow’ Governing Board of the European Cybersecurity Competence Centre (ECCC)  has met for the first time. The meeting focused on the preparations and next steps on the establishment of the Cyber Centre.

The Board met in an informal capacity, further to political agreement being reached on the Regulation which establishes the ECCC and related Network of National Coordination Centres. The Regulation is expected to enter into force in June 2021. [16 Apr 2021]

#CyberSecurity
ECB: Annual report 2020

The European Central Bank (ECB) has published its annual report for 2020. The annual report covers:

  • the European financial sector and increased risks as a result of Covid-19;
  • innovation and integration in market infrastructure and payments;
  • a digital euro; and
  • climate change. [14 Apr 2021]
#DigitalEuro

#CBDCs

ECB: Report on the public consultation on a digital euro

The European Central Bank (ECB) has published a report on the public consultation on a digital euro. The report considers: the responses received as part of the public consultation, and looks at some of the key questions from a user perspective and from a financial, payment and technology professionals’ perspective. [14 Apr 2021]

 

#DigitalEuro

#CBDCs

 

ECB: Publication on the use of DLT in post-trade processes

The European Central Bank (ECB) has published a document on the use of distributed ledger technology (DLT) in post-trade processes. The publication considers:

  • the regulatory, governance and interoperability considerations in a DLT environment;
  • issuance or recording and post-trade handling of securities in a DLT environment; and
  • key features of using DLT for issuance, custody and settlement. [12 Apr 2021]
 

#DLT

 

 

US

DFS Superintendent Announces Cybersecurity Settlement With Licensed Insurance Company

The New York State Department of Financial Services (DFS) announced that a licensed insurance company will pay a $3 million penalty to New York State for violations of DFS’s Cybersecurity Regulation that caused the exposure of a substantial amount of sensitive, non-public, personal data belonging to its customers, including thousands of New York consumers.

The licensed insurance company collects private data in the course of its day-to-day operations, selling life insurance, accident and health insurance, and variable life/variable annuities insurance. DFS’s investigation uncovered evidence that the licensed insurance company had been the subject of four cyber breaches between 2018 and 2020, two of which had not been reported to the DFS as mandated by the Cybersecurity Regulation. [14 Apr 2021]

#CyberSecurity
CFTC Announces Federal Court Orders Nevada Company and its Owner to Pay More Than $32 Million for Cryptocurrency Fraud and Misappropriation Scheme

The CFTC announced that following a hearing on the merits, the US District Court for the District of Nevada entered a default judgment against an Australian citizen residing in Las Vegas, Nevada and/or Los Angeles, California, and a Nevada corporation, for a cryptocurrency fraud and misappropriation scheme.

The court’s final judgment of 29 March 2021 requires the defendants, jointly and severally, to pay restitution of $14,841,280 to defrauded pool participants, disgorgement of $15,815,967, and a civil monetary penalty of $1,484,128. The final judgment also permanently enjoins the defendants from engaging in conduct that violates the Commodity Exchange Act and CFTC regulations, registering with the CFTC, trading in any CFTC-regulated markets, and trading in any commodity interest for himself or others. [8 Apr 2021]

#Cryptocurrencies