In this regular update, we round-up FinTech-related regulatory developments for the week ending 1 October 2021.
BIS: Reports on CBDCs
The Bank for International Settlements (BIS) has published a new set of reports in relation to central bank digital currencies (CBDCs). The reports analyse policy options and practical implementation issues on the following aspects:
CMA publishes report into OBIE and sets out next steps
The Competition and Markets Authority (CMA) has published the findings of an independent investigation into the Open Banking Implementation Entity (OBIE). It has also set out the steps being taken to improve governance in light of the report’s findings. The OBIE is an independent organisation that, following an Order by the CMA, was set up in 2017 to implement the Open Banking remedy. [1 Oct 2021]
BoE/PRA/FCA: Dear Senior Management Function letter on 2021 CBEST thematic findings
The Bank of England (BoE), the PRA and the FCA have published a template version of their ‘Dear Senior Management Function’ letter addressed to senior managers with responsibility for cyber. In the letter, the regulators set out the key findings from the 2021 CBEST thematic process. The purpose of sharing the findings is to highlight areas of concern to firms so that they can address any such weaknesses internally. [30 Sep 2021]
BoE: Dear CEO letters to FMIs regarding material outsourcing to the public cloud
The Bank of England (BoE) has published template versions of letters sent by the Financial Markets Infrastructure (FMI) Division to CEOs of FMIs regarding supervisory expectations in relation to material outsourcing to the public cloud. The letters are addressed to:
The letters communicate the BoE’s intention to consult on its proposed expectations and policies for FMIs on outsourcing in due course, with specific reference to the use of cloud. [29 Sep 2021]
ESMA: Call for evidence on retail investor protection
The European Securities and Markets Authority (ESMA) has published a call for evidence on a number of retail investor protection topics under MiFID II. These views will feed into ESMA’s technical advice to the European Commission (EC) on the development of its strategy for retail investment.
ESMA is specifically requesting information from stakeholders on three topics:
Responses to the call for evidence are requested by 2 January 2022. ESMA will consider the information received when drafting its advice to the EC which will be delivered by 30 April 2022. [1 Oct 2021]
EC: Updated consultation response deadlines – AML package, including in relation to crypto-assets
The EC has updated the consultation response deadline to 26 November 2021 for the following consultations under its anti-money laundering (AML) initiative:
EIOPA: Revised Single Programming Document and Annual Workplan 2022
EIOPA’s agenda will continue to be influenced by the Covid-19 pandemic, the macroeconomic environment and the overall European agenda. Under the twin objectives of ensuring consumer protection and safeguarding financial stability, EIOPA will continue to support the recovery, built on green and digital transitions.
Specifically, EIOPA will address challenges affecting society, the insurance and pensions sectors, and supervisors, which include climate change, cyber risk and digitalisation, as well as addressing protection gaps. [30 Sep 2021]
ECB: Speech cyber risks and the integrity of digital finance
The European Central Bank (ECB) has published a speech by Fabio Panetta, Member of the Executive Board, on cyber risks and the integrity of digital finance. In his speech, Mr Panetta spoke about the evolving nature of cyber risks and the role of the Euro Cyber Resilience Board (ECRB) in addressing them. [30 Sep 2021]
ESMA: MiFID II review report on algorithmic trading
The European Securities and Markets Authority (ESMA) has published the Markets in Financial Instruments Directive and Regulation (MiFID II/MiFIR) review report on algorithmic trading. The Final Report concludes that no fundamental issues have emerged with respect to the MiFID II algorithmic trading regime which has overall delivered on its objectives. ESMA makes some recommendations to simplify the regime and make it more efficient.
This report will be submitted to the European Commission (EC) and is expected to be taken into consideration for further legislative proposals on the MiFID II regime. Regarding Level 2 provisions, the amendment of existing technical standards discussed in the report will be subject to specific consultations to be published shortly. [29 Sep 2021]
ESMA: Annual Work Programme 2022
The European Securities and Markets Authority (ESMA) has published its Annual Work Programme 2022 setting out its priority work areas for the next 12 months. The key work streams that ESMA will focus on include:
Quarterly Statement by the CFR – September 2021
The Council of Financial Regulators (CFR) held its quarterly meeting on 24 September 2021. The Australian Treasurer and Australian Competition and Consumer Council (ACCC) representatives attended for parts of the meeting. A number of regulatory reviews and developments regarding payment systems, digital currencies and crypto-assets, including central bank digital currencies (CBDCs) were discussed. The CFR will refocus some working group activities in order to prioritise work considering regulatory arrangements across the spectrum of crypto-assets, including stablecoins. The CFR also considered coordination and regulatory arrangements for cyber security and resilience, including the development of a cyber-attack communication and coordination protocol. [29 Sep 2021]
HKMA publishes joint research on multiple CBDC showing potential for speeding up cross-border payments and reducing costs
The HKMA has announced the publication of a report titled “Inthanon-LionRock to mBridge: Building a multi CBDC platform for international payments” to deliver the interim findings of the Multiple Central Bank Digital Currency Bridge (mBridge) project.
The report is jointly published by the HKMA, the Hong Kong Centre of the Bank for International Settlements Innovation Hub, the Bank of Thailand, the Digital Currency Institute of the People’s Bank of China and the Central Bank of the United Arab Emirates.
The mBridge project is an initiative under the HKMA’s “Fintech 2025” strategy (see our previous update), which aims to strengthen research work on the central bank digital currency (CBDC) with the view to future-proofing Hong Kong in terms of CBDC readiness.
Through the mBridge project, the cross-border network prototype built in phase 1 was further developed in phase 2 to support more currencies and interface with new or conventional domestic payment systems. The report sets out the takeaways of phase 2 and introduces the scope of phase 3. According to the report:
HKMA publishes third issue of Regtech Adoption Practice Guide on GRC solutions
The HKMA has published the third issue of its Regtech Adoption Practice Guide, focusing on regtech solutions in the area of governance, risk and compliance (GRC). The guide series was launched by the HKMA in June 2021 as part of its regtech adoption roadmap to provide banks with detailed practical guidance on the adoption of regtech solutions (see our previous update).
GRC is a framework of people, processes and technologies to gather and aggregate risk information across an organisation to enable timely management attention and action. This issue of the guide introduces a modular approach to building a GRC regtech platform and outlines some key implementation components based on observations of what others have successfully done.
The topics covered include:
MAS announces new digital platform to combat ML/TF/PF and opens consultation on legislative framework and platform features
The Monetary Authority of Singapore (MAS) has announced that it will introduce a digital platform and enabling regulatory framework for financial institutions (FIs) to share with one another relevant information on customers and transactions to prevent money laundering (ML), terrorism financing (TF) and proliferation financing (PF) .
The new digital platform, named COSMIC, for ‘Collaborative Sharing of ML/TF Information & Cases’ has been created in collaboration with industry. MAS plans to launch the COSMIC platform in the first half of 2023. COSMIC will initially focus on three key financial crime risks in commercial banking: abuse of shell companies; misuse of trade finance for illicit purposes; and PF. MAS plans to progressively extend COSMIC’s coverage to more FIs and focus areas and make some aspects of sharing mandatory.
MAS is seeking feedback on the proposed legislative framework for COSMIC, as well as the platform’s features by 1 November 2021. [1 Oct 2021]