Fintech is a rapidly developing area where developments in the regulatory regime are ongoing. We have created a timeline of key UK and European regulatory milestones to watch out for over the coming months and years.
HM Treasury has announced two consultations on possible changes to the UK financial promotions regime:
- a consultation on limiting the scope of firms that can approve financial promotions of unauthorised persons; and
- a consultation on extending the financial promotions regime to include unregulated cryptoassets.
The deadline for responses to both consultations is 25 October 2020.
These consultations reflect the continued focus by the Financial Conduct Authority (FCA) on marketing and the related risks to consumers, particularly following the mini-bond scandal, as well as the continued focus on the regulation of fintechs and cryptoasset technologies. Continue reading
The FCA recently issued its finalised guidance for payments and e-money firms on safeguarding customer funds and Covid-19. The guidance is designed to mitigate, in the short-term, concerns that some firms are not complying with the Payment Services Regulations 2017 (PSRs) and Electronic Money Regulations 2011 (EMRs) safeguarding rules in the way the FCA expects. It is also designed to help prevent potential harm to customers in the event of insolvencies caused by Covid-19.
On 16 June 2020, Charles Randell, Chair of the FCA and PSR, delivered a speech addressing a virtual roundtable of bank chairs, hosted by UK Finance. Mr Randell considered the immediate impact of Covid-19 on the financial services sector in the UK and the FCA’s role in the recovery of the industry. Continue reading
Having initially delayed its planned consultation exercise to allow the financial services sector to focus on responding to Covid-19, the International Organization of Securities Commissions (IOSCO) subsequently found the pandemic a catalyst to proceed. Therefore, at the end of May, IOSCO launched its consultation on proposed updates to the 2005 Outsourcing Principles for Market Intermediaries and the 2009 Outsourcing Principles for Markets; feedback on the proposed new Outsourcing Principles (OPs) is requested on or before 1 October 2020. The decision to proceed reflects the acknowledgement that outsourcing is a key element for consideration when assessing operational resilience across the sector.
This post gives a high level summary of the consultation, with a link to our briefing that focuses in more detail on: the scope of application; IOSCO’s definition of outsourcing; intragroup arrangements; concentration risk; and access and audit rights. To provide additional context to IOSCO’s proposals, the associated briefing also catalogues relevant proposals and initiatives which are running concurrent to the consultation exercise.
After highlighting payment services as a priority in its 2020/21 business plan and following “evidence that some firms have not implemented the Electronic Money Regulations 2011 or Payment Services Regulations 2017 as [the FCA] expects”, the FCA has published a short consultation proposing further guidance for Payment Services Providers (PSPs), including Payment Institutions (PIs) and E-Money Institutions (EMIs).
The FCA gives the following as examples of areas where some firms are not fully complying with the safeguarding rules:
- co-mingling of customer and firm funds;
- failure to keep accurate records and accounts; and
- insufficiently effective risk management procedures.
Following the consultation, the FCA plans to publish a “Dear CEO” letter incorporating the guidance (as amended). That guidance is intended to take effect temporarily, until the Approach Document is updated following a full consultation “later in the year”, which will likely include a proposal to incorporate the temporary guidance. The proposed guidance will also outline how firms can put in place more robust wind-down plans.
The FCA notes that payment services is an area that continues to undergo rapid development and that, while innovation is to be welcomed, many new entrants to the market are unprofitable at an early stage. The FCA is concerned, in particular, that these firms will face additional financial pressure as a result of the COVID-19 pandemic, which potentially threatens both customer revenues and the ability to seek external funding where required.
Firms are asked to consider the proposed guidance and send any comments to the FCA by 12 June 2020.
Background and context
The proposed guidance follows an FCA review in H1 2019 of the compliance of 11 non-bank PSPs with the requirements for safeguarding service users’ funds under the Payment Services Regulations (PSRs) 2017 and Electronic Money Regulations (EMRs) 2011. This in turn led to the FCA’s issuance of a “Dear CEO” letter outlining the shortcomings found by the review and requesting non-bank PSPs to review their safeguarding arrangements, promptly remedy any inadequacies and attest to certain matters.
The rapid growth of both the payment services market and some firms in it, is both acknowledged by the FCA in its guidance and clearly reflected in the evolution of the surrounding regulatory landscape, marked by the revised Payment Services Directive (PSD2) which came into force in January 2018, four successive versions of the FCA’s Approach Document since September 2017 and a number of consultation papers by both the FCA and PRA.
Firms should continue to expect this to be an area of increasing regulatory focus, particularly amidst the current COVID-19 crisis. As with the client money regime for investment firms, it is likely that the FCA will view ongoing failures to comply with the safeguarding rules as a particularly serious matter.
Fintech is a rapidly developing area where developments in the regulatory regime are ongoing. We have created a timeline of key UK and European regulatory milestones to watch out for over the coming months and years.
On 7 April 2020, the FCA released its Business Plan for 2020/21. The FCA had planned to focus on the areas identified in its Sector Views published on 18 February 2020 (see our blog post here), but recognises that its work will be fundamentally reshaped by the impact of COVID-19.
Aware that the current circumstances create the need for it to both respond to change and initiate it, the FCA outlined plans for transforming fundamentally the way the FCA works and regulates, with a view to becoming a more efficient and effective regulator.
This article has also been published by the International Financial Law Review (IFLR).
The payments sector is one of the fastest growing sectors within the financial services industry. It is underpinned by consumers’ widespread move away from physical cash and towards electronic payments. Whether consumers are using payment cards or apps, the result has been a continual increase in the volumes of payments being processed electronically. This has created an enormous opportunity for payments businesses such as FIS and Fiserv (in the US) and Nexi and Klarna (in the EU) to establish themselves as key players in the payment chain, with the potential to become systemically important.
These businesses participate in a well-developed and very active area of the payments sector. So, what comes next?
The use of distributed ledger technology (DLT), and the associated use of cryptocurrencies and other cryptoassets, has long been discussed as a potential means for making global payment systems more efficient and more secure. For many years, payment processing has relied on centralised channels to transfer money, by established participants such as card issuers, clearing banks, and merchant acquiring banks and card schemes. By contrast, DLT involves a decentralised, shared ledger, with no need for central intermediation. It is considered immutable.
The question is, to what extent will cryptoassets become more widely used in the payments sector, including their potential use by central banks. Stablecoins, a relatively recent and topical sub-class of cryptoassets, may play a key role here. It will be interesting to see what types of stablecoins emerge and how they fit into the broader UK regulatory framework applicable to cryptoassets. Another important issue derives from two key aspects of stablecoins that are designed to facilitate payments: (i) in relation to the asset itself – concerns raised by private stablecoins, and whether a central bank digital currency could be an alternative; and (ii) in relation to the technology underlying it – its possible utility as a private payment system and question marks over whether it can co-exist with or link into public payment systems.
Stablecoins: how are they categorised and why does it matter?
“Bitcoin, the first and still the most popular cryptocurrency, began life as a techno-anarchist project to create an online version of cash, a way for people to transact without the possibility of interference from malicious governments or banks.” (The Economist, 30 August 2018)
Sadly for the original creators of cryptocurrencies – and despite their anarchistic intentions, cryptocurrencies and other types of cryptoassets cannot be exempt from the application of law and regulation just because they are a technological construct. The tone for the UK regulatory approach was set in the UK Cryptoassets Taskforce report, where the government stated its ambition for the UK to be the world’s most innovative economy and to maintain its position as one of the leading financial centres globally, to be achieved in part by “allowing innovators in the financial sector that play by the rules to thrive”. The message is clear: innovation is encouraged, but only where it complies with high standards of regulation.
The genesis of stablecoins, a relatively recent sub-category of cryptoassets, was an attempt to address the high price volatility exhibited by many cryptoassets so far. Stablecoins are, in short, cryptoassets that are backed by other assets, including fiat, commodities or other cryptocurrencies (a fuller definition is contained in the Financial Stability Board’s (FSB) ‘Regulatory issues of stablecoins’, 18 October 2019).
There are many types of stablecoin, each with different structures, functions and uses. Despite the word ‘coin’, a stablecoin could constitute a financial derivative, a unit in a collective investment scheme (fund), a debt security, e-money, or another type of specified (regulated) investment. They could potentially fall within any of three broad categories of cryptoassets as described by the UK Financial Conduct Authority (FCA), the categories having been revised in July 2019 following an earlier consultation.The diagram in Figure 1 compares the prior and current UK FCA categories of cryptoassets.
The position could change. During 2020 UK HM Treasury is expected to consult on expanding the regulatory perimeter. The EU Commission is also consulting on an “EU framework for markets in crypto-assets”.
It was the prospect of a stablecoin achieving, in a very short timescale, widespread adoption for transactions currently processed by retail and wholesale payment systems, particularly if integrated into existing online platforms or social media, that brought stablecoins into the sharp focus of national and international regulatory bodies. In a Bank of England speech (Responding to leaps in payments: from unbundling to stablecoins), Christina Segal-Knowles noted that: “In India, Google Tez reported having 50 million users 10 months after its launch in September 2017. In China, Alipay and WeChat Pay by some measures handled more than $37 trillion in mobile payments in 2018”.
The UK and other regulators consider that an appropriate regulatory framework needs to be adopted for stablecoins prior to their launch.
Global stablecoins as a payment asset
Key drivers for the creation of stablecoins as an alternative payment asset include improving
cross-border payments, to increase speed and reduce costs; assisting with financial inclusion
and providing payment tools for people who are underbanked or underserved by financial
services; and the growing preference in society for peer to peer interactions.
However, there are significant challenges and risks arising from use of stablecoins. These include difficulties with legal certainty, sound governance, AML/CFT compliance, operational resilience (including cyber security), consumer/investor and data protection and tax compliance. If stablecoins reach a global scale, they could pose challenges and risks to monetary policy, financial stability, the international monetary system and fair competition.
Here are a selection of key policy points identified by the G7 Working Group on Stablecoins, highlighting why regulators are so concerned about global stablecoins:
- Competition: global stablecoin arrangements could achieve market dominance due to their strong existing networks and the large fixed costs that a potential competitor would need to implement large-scale operations, and the exponential benefit of access to data.
- Stability mechanism: the mechanism used to stabilise the value of a global stablecoin must address market, credit and liquidity risk. If these are not adequately addressed, it could trigger a run, where users would all attempt to redeem their global stablecoins at reference value. Other triggers for a run could include a loss of confidence resulting from a lack of transparency about reserve holdings or if the reporting lacks credibility.
- Credit risk: global stablecoins whose reference assets include bank deposits may be exposed to the credit risk and liquidity risk of the underlying bank.
- Increased cost of funding for banks: if users hold global stablecoins permanently in deposit-like accounts, retail deposits at banks may decline, increasing bank dependence on more costly and volatile sources of funding.
- Change in nature of deposit: in countries whose currencies are part of the stablecoin reserve, some deposits drained from the banking system when retail users buy global stablecoins may be repaid to banks by way of larger wholesale deposits from stablecoin issuers. If banks were to counter this by offering products denominated in global stablecoins, they could be subject to new forms of foreign exchange risk and operational dependencies.
- Exacerbation of bank runs: easy availability of global stablecoins may exacerbate bank runs in times when confidence in one or more banks erodes.
- Shortage of high-quality liquid assets (HQLA): purchases of safe assets for a stablecoin reserve could cause a shortage of HQLA in some markets, potentially affecting financial stability.
- Reduced impact of monetary policy: this could happen in several ways. If, for example, there were multiple currencies in the reserve basket, the return on global stablecoin holdings could be a weighted average of the interest rates on the reserve currencies, attenuating the link between domestic monetary policy and interest rates on global stablecoin deposits. This would be particularly true where the domestic currency is not included in the basket of reserve assets.
The FSB is due to submit a consultative report on stablecoins to the G20 Finance Ministers and Central Bank Governors in April 2020, with a final report in July 2020.
Central bank digital currencies: alternative, interoperable or additional solutions?
Central bank digital currencies (CBDCs) are new variants of central bank money that differ from physical cash or central bank reserve/settlement accounts. There are two potential types of CBDCs: (i) a “wholesale” or “token-based” CBDC – restricted-access digital token for wholesale settlements (for example, interbank payments or securities settlement); and (ii) a general-purpose variant available to the public and based on tokens or accounts, allowing for a variety of ways of distribution.
So how would a CBDC act as an alternative to global stablecoins? A general purpose CBDC would essentially give effect to a disintermediated currency of which the central bank, rather than a private entity, would keep control. The view of the UK central bank, which first raised the possibility of CBDCs in 2015, seems to be evolving. Back in 2018, in his ‘The Future of Money’ speech (March 2 2018), Bank of England Governor Mark Carney identified that a general-purpose CBDC could mean a much greater role for central banks in the financial system. He noted that central banks could find themselves disintermediating commercial banks in normal times and running the risk of destabilising flights to quality in times of stress.
An independent report commissioned by the Bank of England on the Future of Finance noted that there was no compelling case for CBDCs and that the focus should be on improving current systems to allow for private sector innovation. However, in January 2020 the Bank of England announced that it would be participating in a central bank group with six other banks to assess potential use cases on CBDCs.
Payments systems and the transfer technology underlying stablecoins
In his ‘The Future of Money’ speech in 2018, Carney noted the potential for underlying technologies to transform the efficiency, reliability and flexibility of payments by increasing the efficiency of managing data; improving resilience by eliminating central points of failure, as multiple parties share replicated data and functionality; enhancing transparency (and auditability) through the creation of instant, permanent and immutable records of transactions; and expanding the use of straight-through processes, including with smart contracts that on receipt of new information automatically update and if appropriate, pay.
An European Central Bank (ECB) Occasional Paper (‘In search for stability in crypto-assets: are stablecoins the solution?’) notes that: “A platform for the recording of stablecoins and other assets using DLT and smart contracts may either benefit interoperability and competition among different DLT-based infrastructures and issuers – if its governance aims at harmonising the business and technological standards adopted by different operators and issuers competing in the market –, or lead to increased fragmentation if multiple initiatives emerge that compete for the market.”
The Bank of England confirmed in July 2018 that its renewed real-time gross settlement (RTGS) service would support DLT settlement models following a successful proof of concept.
Cryptoassets are a daily reality
The prevailing market views seems to be that in the short to medium term, DLT will augment rather than replace RTGS. Interoperability remains a key challenge, as do the technological and energy requirements of a successful and permanent DLT-based payments system.
Nevertheless, it no longer seems fanciful to talk of cryptoassets forming a daily part of the mainstream payments system. They are no longer only the preserve of speculators, or of payors seeking anonymity. The number of transactions in cryptoassets continues to grow rapidly, and regulators are focused on managing their increasing role in day-to-day financial services. It will be fascinating to see how central banks and regulators continue to respond to the growth of cryptoassets, and where this sector will go next.
In another article entitled, ‘Fintech market enters a new stage of maturity‘, we review macro-developments in Europe.
The PRA and FCA have published two statements setting out their expectations on UK-regulated firms under the Senior Managers and Certification Regime (SMCR).
A joint statement from the PRA and FCA has been published for dual-regulated firms (the Joint Statement), while the FCA have separately published a statement for solo-regulated firms (the FCA Statement).
There are also some differences in expectations as between solo and dual-regulated firms to be aware of, which we highlight below in Key expectations.
In line with the expectations set out in the statements, firms should:
- Ensure responsibility for the response to COVID-19 disruption is clearly allocated to an appropriate Senior Manager(s) (SM).
- Document internally all decisions relating to interim re-allocation of Senior Management Functions (SMFs) and Prescribed Responsibilities (PRs) as a result of temporary absences during this period. Firms should be prepared to share these internal documents with the regulators on request.
- Communicate material temporary changes to the appropriate regulator promptly (this may not need to be by way of usual SMCR notification forms).
- Keep contingency plans under review to ensure they remain up-to-date.
- Take reasonable steps to complete any annual certifications that are due to expire while restrictions are in place.
Allocating responsibility for COVID-19 response
- Firms are not required to allocate a single SM to be responsible for response to the disruption caused by COVID-19. No “one size fits all” approach is being mandated (with the exception of requiring the responsibility of identifying key workers to be allocated to SMF1 (Chief Executive Officer) – see the FCA and PRA statements for more information).
- In the Joint Statement, the PRA also recommends that dual-regulated firms consider how they respond to unexpected changes to contingency plans, given the possibility of SMs becoming temporarily absent. Solo-regulated firms should consider doing the same.
Temporary arrangements for SMFs and PRs
- Where an SM is unexpectedly absent due to illness (or other COVID-19 related circumstances) firms may choose to allocate SMFs to existing SMs. In addition, under the existing ‘12-week rule’, firms may permit an unapproved individual to perform an SMF role where such arrangements are temporary.
- For solo regulated firms, the FCA intends to issue a Modification by Consent to the 12-week rule to support firms using temporary arrangements for up to up to 36 weeks. This extended period is not currently available for dual-regulated firms (although this position remains under review).
- The FCA and PRA expect PRs (for both solo and dual-regulated firms) to be allocated to existing approved SMs wherever possible. Where this is not possible (for example due to other SM absences), the PR can be allocated to an unapproved individual performing an SMF’s role on an interim basis.
- All temporary changes to SMFs or PRs throughout this period should be clearly documented on internal records, including in Statements of Responsibilities (SoRs) and Responsibilities Maps (where appropriate). These records will need to be available to the FCA and/or PRA on request.
- Both statements confirm that furloughed SMs will retain their approved status during their temporary absence and will not need to seek re-approval.
- Certain ‘required’ functions (such as Compliance Oversight and MLRO) and/or ‘mandatory’ functions (such as the CEO, CFO and Chair of the Governing Body for CRR and SII firms) should only be furloughed “as a last resort”. Firms must arrange cover for those SMFs during the individual’s absence.
- Firms have greater flexibility in furloughing SMs whose function are not mandatory. However, in the Joint Statement, dual regulated firms are cautioned to think carefully about the implications of furloughing non-mandatory SMFs (such as SMFs responsible for business continuity). Solo-regulated firms should also consider the implications of furloughing key senior staff.
Notification requirements during this period
- All firms should update the FCA (and, where relevant, the PRA) by email or by telephone where:
- unapproved individuals are acting as SMFs under the ‘12-week rule’; and/or
- SMs have been furloughed.
Firms are not required to submit Forms C, D or J in connection with these temporary absences.
- Solo-regulated firms will not be required to submit an updated SoR for approved SMs if a temporary change is made to their responsibilities. However, solo-regulated firms will still need to notify the FCA of the detail of any changes (by email or by telephone) that would normally be included in updated SoRs.
- Dual-regulated firms are still required to update and submit SoRs if there are significant changes “as soon as reasonably practical”. It is acknowledged in that this may take longer than usual due to current operational challenges.
No change to the obligation to certify staff as fit and proper
- Dual-regulated firms should take reasonable steps to complete annual certifications due to expire during this period. What might constitute reasonable steps may be altered given the current situation, and certification policies and procedures may need to be adapted.
- While not specifically addressed in the FCA Statement, in the absence of any new regulatory guidance, the FCA’s expectation appears to be that solo-regulated firms should also take reasonable steps to continue with annual certifications during this period.