EMEA Centre for Regulatory Strategy in Financial Services UK
- Select a blog category
Looking ahead to 2017, one of the most important areas of regulatory development that we see in financial services is rising supervisory expectations of firms’ cyber resilience. A spate of recent incidents of cyber-crime and IT failure have sharpened the focus of firms on their cyber preparedness, but management and boards should now also expect to be more routinely challenged by their supervisors on how well they understand and what they have done to limit their exposure to cyber and IT risks.
2016 has been another difficult year for the financial sector, with economic and political uncertainty complicating the completion of the post-crisis regulatory repair agenda.
Three years on from CRD IV/CRR being finalised, the EU’s banking sector now faces a revised Capital Requirements Directive and Capital Requirements Regulation (CRD V and CRR II), and a host of other legislative amendments, in a 500+ page package published today. These revisions to CRD V/CRR II and amendments to the Bank Recovery and Resolution Directive (BRRD) are likely to stretch significant regulatory change into the next decade.
FCA’s asset management market study | Shining a spotlight on fund charges, fund performance and competition
The Financial Conduct Authority (FCA) has published an interim report on its asset management market study. It found evidence of high profitability relative to market benchmarks and weak price competition, especially in actively managed retail investment funds. The FCA’s proposed remedies are primarily intended to improve the transparency of fund charges and fund performance, reform governance standards for UK authorised funds, and increase scrutiny of the unregulated investment consultancy market. The FCA also proposes to carry out further research on how asset management services and products are distributed to retail investors. The regulator is seeking feedback on its proposals by 20 February 2017.
European Commission proposes 12 month PRIIPs Delay, but uncertainty around timing of the legislation means firms should maintain momentum
On 9 November, the European Commission published a legislative proposal to extend the application date of the Packaged Retail and Insurance-based Investment Products Regulation (PRIIPs) by one year. PRIIPs requires the disclosure of Key Information Documents (KIDs) when PRIIPs are sold to retail investors. The delay has been widely anticipated by the market and gives manufacturers and distributors of PRIIPs products until 1 January 2018 to put implementation plans in place. The Commission did not amend any other provisions in the Level 1 text. The proposal follows a vote by the EU Parliament on 14 September to reject the EU Commission’s Regulatory Technical Standards (RTS) on PRIIPs and concerns expressed by 24 Member States in the Council in a vote by the Competitiveness Council of the EU on 20 September (see our blog of 20 September for further detail on the Parliament’s rejection of the RTS).
Last week the EBA released a discussion paper (DP) setting out possible options for a new prudential regime for investment firms, particularly those that are not deemed “systemic and bank-like”. Published in response to the European Commission’s call for advice back in June, the paper was expected to shed some light on the direction of travel that the EBA is going to take in developing a more appropriate regime for investment firms given the distinctive nature of risks that they pose to investors and other market participants. The guiding principle behind the proposed regime is that firms that pose more risk to customers and markets, or which have more own risk, should attract higher capital requirements. However, the paper does not include any specific calibrations and, therefore, offers relatively little detail on the likely impact on firms’ individual capital requirements.
In 2017 the Bank of England (BoE) will introduce the biennial exploratory scenario (BES) as part of its annual concurrent stress test of UK banks. Outlined as part of the BoE’s 2015 update to its stress testing approach, the BES complements the annual cyclical scenario (ACS), enabling the BoE to assess firms’ resilience to a wider range of threats. The BES will be designed to delve into the more complex aspects of a firm’s risk profile, in the process testing not just its resilience, but also its capacity to model and manage risk.
On 6 October 2016, the European Banking Authority (EBA) launched a consultation on its draft “Guidelines on Information and Communication Technology (ICT) Risk Assessment” (the Guidelines) under the Supervisory Review and Evaluation Process (SREP). The consultation runs until 6 January 2017.
On 28 September the Financial Conduct Authority (FCA) released a Policy Statement setting out its final rules on regulatory references under the Senior Managers and Certification Regime (SMCR). The Policy Statement is relevant for deposit-takers, Prudential Regulation Authority (PRA) investment firms, insurers, solvency II insurers and non-directive insurers and will be of particular interest to those individuals who seek regulatory approval to perform a Senior Management Function (SMF); a Significant Insurance Management Function; an FCA controlled function or a Significant Harm Function (SHF).
‘Our implementation proposals do not mean significant changes to CASS as MIFID II is broadly aligned. We therefore think firm impact will be small’ – FCA, MIFID II Implementation – Consultation paper II CP16/19.