Greg Kilminster
Head of Product - Content
FCA reveals rise in misconduct concerns
The Financial Conduct Authority (FCA) has conducted a survey examining non-financial misconduct across the financial services sector. The findings shed light on the trends, reporting mechanisms, and outcomes related to incidents of misconduct such as bullying, harassment, and discrimination. The survey is intended to help firms benchmark their internal processes and improve corporate culture, aligning with the FCA’s broader regulatory focus on firm conduct and integrity.
Some context
Non-financial misconduct, which encompasses behaviours such as harassment, discrimination, and other forms of inappropriate conduct, is increasingly recognised as a critical aspect of corporate governance. The FCA’s survey, covering a three-year period, revealed a rise in reported incidents, with significant sectoral variation in the types of misconduct. Bullying, harassment, and discrimination were among the most frequently reported issues, but a considerable portion of incidents fell into an 'other' category, highlighting the diversity of concerns across the sector.
Firms reported incidents through both reactive and proactive means. Grievances and formal processes accounted for 50% of detection, while whistleblowing and firm-led methods, such as market surveillance, were also noted as significant. The FCA stresses in the report that incidents were often detected through multiple channels, underlining the importance of a multifaceted approach to identifying and managing misconduct.
Key takeaways
- Rise in incidents: The survey found an overall increase in non-financial misconduct reports over the three-year period, with bullying, harassment, and discrimination among the most frequently cited issues.
- Sector-specific differences: While bullying and discrimination accounted for 26% and 23% of reported incidents respectively, the distribution of misconduct varied by sector. Moreover, 41% of cases fell under the 'other' category, reflecting a wide range of concerns beyond these common forms of misconduct.
- Disciplinary actions: In 43% of cases, firms took disciplinary or other actions. However, the outcomes varied, with many cases not fully investigated, unresolved, or resulting in no action. Notably, more serious types of misconduct, such as violence and intimidation, were more likely to lead to disciplinary measures than discrimination or other forms of misconduct.
- Confidentiality agreements: The use of settlement and confidentiality agreements by complainants declined in the wholesale banking sector over the period, though no clear trend was observed in other sectors. Discrimination cases, in particular, saw the highest proportion of settlements involving confidentiality agreements.
- Remuneration adjustments: Adjustments to remuneration were rare and mostly involved unvested variable pay when they did occur. This suggests that non-financial misconduct is not yet a significant factor in remuneration decisions across the industry.
- Gaps in firm policies: The survey highlighted that not all firms had relevant policies, such as whistleblowing or disciplinary policies, in place. The FCA sees this as a critical area for improvement, especially given the regulatory expectations.
Next steps
The FCA encourages firms to use these findings as a benchmark to assess their own processes and performance. Boards and senior management are urged to review their approach to non-financial misconduct, considering whether existing procedures for detecting and addressing such issues are sufficient.
Key actions firms should consider include:
- Cultural review: Firms should reflect on their internal culture, identifying areas where improvement is necessary to ensure a more inclusive and accountable workplace.
- Risk management: As non-financial misconduct poses reputational and operational risks, firms should strengthen their risk management frameworks to better detect, investigate, and resolve incidents.
- Employee voice: Firms should establish or enhance processes that allow employees to raise concerns, including whistleblowing mechanisms, ensuring a safe and confidential environment for reporting.
The FCA has made it clear that all firms, regardless of size or sector, must be compliant with existing regulatory obligations. Firms are expected to take allegations seriously, have effective systems for investigation, and act promptly when issues are substantiated. Failure to meet these responsibilities will result in regulatory scrutiny and potential action.
The FCA will continue to monitor developments in this area, using the survey responses to inform future supervisory work and policy initiatives. However, the FCA does not plan to introduce new best practice recommendations at this stage but expects firms to drive improvements based on these benchmark findings.
Click here to read the full RegInsight on CUBE's RegPlatform.
FINRA issues metaverse report
The Financial Industry Regulatory Authority (FINRA) has released a new report addressing the potential effect of the metaverse on the securities industry. Titled The Metaverse and the Implications for the Securities Industry, the report explores emerging metaverse technologies, potential benefits, risks, and regulatory considerations for financial institutions. With the metaverse increasingly being viewed as a space for virtual interaction and innovation, the aim of the report is to foster awareness and spark dialogue within the securities industry.
Some context
The metaverse, virtual interactive worlds often associated with the gaming industry, is now being explored by a range of sectors, including financial services. Its immersive, interactive environment offers new ways to engage with clients and streamline operations. Financial institutions, including broker-dealers, are already experimenting with this evolving technology to connect with the next generation of investors and enhance their services.
FINRA’s Office of Financial Innovation (OFI) spearheaded the research behind the report, prompted by increased interest from market participants. Although the full effect of the metaverse may not be realised for years, the report outlines its potential applications and the associated regulatory implications.
Key takeaways
The report identifies several potential use cases of metaverse technologies within the financial sector:
- Data visualisation: Advanced virtual environments could enhance the way firms process and present complex data to investors.
- Virtual trading: The metaverse could facilitate trading environments that provide real-time, immersive experiences for users.
- Digital twins and the industrial metaverse: Creating digital replicas of financial systems or assets to improve risk modelling and decision-making.
- Payments: New virtual economies within the metaverse may facilitate innovative payment systems.
- Training and collaboration: Financial institutions may use the metaverse for virtual training sessions and team collaboration.
- Investor education: The immersive nature of the metaverse could support interactive investor education, enabling more engaging learning experiences.
- Customer service: Virtual environments could open new avenues for customer engagement and support, making interactions more efficient.
- The report also highlights several challenges. Resource allocation, cybersecurity, and data privacy are prominent concerns for firms considering a metaverse strategy. Furthermore, the evolving nature of the technology requires firms to be mindful of potential regulatory complexities.
Next steps
As firms contemplate incorporating the metaverse into their operations, the report reminds firms of the importance of considering existing regulatory obligations. The report stresses that FINRA’s technology-neutral rules will continue to apply to firms using the metaverse in their business processes or product offerings: member firms will need to ensure that their use of the technology adheres to established regulations, even as they experiment with new models of engagement.
Although the report does not introduce new regulatory requirements or legal interpretations, FINRA has invited industry participants to share feedback on the implications of the metaverse. Firms and market participants have until 14 March 2025 to submit comments.
Click here to read the full RegInsighton CUBE's RegPlatform.
DFSA releases crowdfunding thematic review
The Dubai Financial Services Authority (DFSA) has released the findings of its 2024 Thematic Review focused on crowdfunding platform operators within the Dubai International Financial Centre (DIFC).
The review examined compliance with the DFSA’s Conduct of Business (COB) Rules, specifically the around client agreements and website disclosures. The report highlights several areas of concern, including compliance gaps and risks related to transparency for investors, particularly Retail Clients, who constitute the majority of crowdfunding participants.
Some context
The DFSA’s thematic review is part of its broader efforts to ensure that operators in the crowdfunding sector meet regulatory requirements and protect retail investors. As of March 2024, the DIFC crowdfunding market has grown significantly, providing retail investors access with a variety of investment opportunities, including property and loan-based crowdfunding. Given the reliance of investors on the disclosures provided by these platforms, the DFSA sought to assess whether operators are meeting their obligations to ensure investors can make informed decisions.
Key takeaways
Client agreements inadequacies
One of the primary concerns identified is the inadequacy of client agreements provided by crowdfunding platforms. These agreements are critical for ensuring that investors understand the terms and conditions governing their investments. The DFSA found that certain operators attempted to limit their liability through clauses that disclaimed responsibility for the information provided about issuers or investments. This practice directly contravenes DFSA Rules, which prohibit operators from limiting or avoiding their legal responsibilities under any form of communication, including client agreements.
Additionally, the DFSA identified that several operators did not have formal agreements in place with property sellers before listing properties on their platforms, violating COB requirements. These agreements are essential for ensuring that sellers adhere to the platform’s rules, protecting investors from conflicts of interest or double-listing properties on other platforms.
Disclosure deficiencies
Transparency in disclosures is another area where the DFSA found significant shortcomings. Several operators failed to prominently display required information on their websites, making it difficult for investors to fully understand the risks and terms associated with their investments.
The DFSA noted that operators often embedded key information within their terms and conditions, rather than making it clearly and prominently accessible. This practice was particularly concerning given that many investors proceed with investments by simply ticking a box to accept the terms without fully reading or understanding the details.
Compliance with amendment requirements
The DFSA also flagged concerns over the way operators handled amendments to client agreements. Under DFSA rules, operators are required to provide at least 14 days' notice before making any changes to client agreements that impact retail investors. However, the review found instances where operators allowed themselves to amend agreements without providing the required notice, creating potential risks for retail investors who may be unaware of changes affecting their rights or obligations.
Misleading terminology
In several instances, operators were found to use terminology that was inconsistent with DFSA definitions, which could confuse or mislead investors. Terms such as “custodian account” and “secondary market” were used inappropriately to describe services or features of the platforms. The DFSA emphasised the importance of clear and accurate language to avoid misunderstandings and ensure that investors are fully informed.
Next steps
The DFSA has set out several actions for crowdfunding platform operators to address the deficiencies identified in the review. These include:
- Revising client agreements to ensure they are clear, comprehensive, and compliant with DFSA Rules, particularly around the limitation of liability and inclusion of key information such as fees, conflicts of interest, and complaints procedures.
- Enhancing the visibility and accessibility of required disclosures on crowdfunding platforms, ensuring that investors have access to all relevant information before making an investment.
- Implementing processes to ensure compliance with notification requirements when amending client agreements, providing retail investors with adequate time to review changes.
- Revising the use of terminology across platforms to ensure it aligns with DFSA standards, eliminating any potential for confusion or misleading representations.
The DFSA has also reminded operators of their ongoing obligations to promptly inform the authority of any significant events or risks that may affect their compliance. Operators are expected to implement the necessary changes to their agreements, disclosures, and internal controls to safeguard investors and maintain trust in the crowdfunding sector.
Click here to read the full RegInsighton CUBE's RegPlatform.
Elizabeth McCaul speech on EU banking regulation
In a speech at the “EU banking regulation at a turning point” conference, Elizabeth McCaul, Member of the Supervisory Board of the European Central Bank (ECB), addressed the evolving nature of banking regulation within the EU. Her remarks emphasised the frequently cited essential balance between safety and competitiveness, the unfinished post-crisis reform agenda, and the pressing need to confront emerging risks like non-bank financial intermediation (NBFI) and rising geopolitical threats.
Safety and competitiveness: Not opposing forces
McCaul began by addressing what some see as a common misconception in regulatory discussions: that safety and competitiveness are opposing forces. She argued that "a stable and secure financial system forms the bedrock of long-term competitiveness." In the wake of the global financial crisis, regulation became more stringent to ensure stability, but should not always be seen as a hindrance to economic growth.
McCaul likened robust regulation to safety measures that allow banks to function within safe limits without stifling their ability to lend to the real economy. She dismissed the notion that laxer regulation could result in better economic outcomes, stating, "It's a fallacy to think that higher speed limits mean faster travel, just as laxer regulation does not lead to more sustainable growth."
McCaul also refuted claims that EU banks are placed at a disadvantage compared to their US counterparts due to regulatory differences. Contrary to some industry reports, she emphasised that "global systemically important banks (G-SIBs) in the United States face slightly higher capital requirements than their EU counterparts."
Completing the banking union and capital markets union
McCaul's speech also focused on the incomplete nature of the EU's banking and capital markets unions. Despite the resilience of Europe's banking sector in recent years—evident in its ability to weather crises such as the pandemic and the energy supply shock following Russia's invasion of Ukraine—she pointed out that significant gaps remain.
Without a fully realised European deposit insurance scheme, she argued, "there cannot be a truly single banking system." McCaul stressed the importance of a uniform level of depositor confidence across the EU, particularly during times of crisis. She also called for improvements to the crisis management and deposit insurance (CMDI) framework, which should allow authorities the flexibility to act swiftly and access adequate funding to handle bank failures.
Additionally, McCaul highlighted the need for a public liquidity backstop, a mechanism currently missing in the EU’s regulatory structure. Such a backstop is essential to provide liquidity to banks facing resolution, as has been demonstrated by recent banking crises in other jurisdictions. "Unlike other jurisdictions, however, the banking union lacks an effective public sector backstop mechanism to provide this temporary liquidity funding," she said, urging stakeholders to resume discussions on this critical issue.
McCaul noted that completing both the banking union and capital markets union would not only enhance the resilience of Europe’s financial system but also bolster the competitiveness of the sector by nurturing a more integrated, cross-border banking landscape. This would, in turn, allow banks to better manage risks, diversify their revenues, and capitalise on economies of scale.
Emerging risks: NBFI and geopolitical threats
Turning to emerging risks, McCaul focused on the rapid growth of the non-bank financial intermediation sector, which has more than doubled in size in the euro area since 2008, reaching €32 trillion in 2024. Globally, the sector has ballooned from €87 trillion in 2008 to €200 trillion in 2022. The private credit
market, a particular concern, now accounts for €1.6 trillion of the global market, with significant exposure to banks through credit funds.
McCaul raised alarm over the opacity of the NBFI sector, particularly the challenges banks face in identifying their full exposure to private credit funds, which could lead to significant concentration risks. She advocated for harmonising and expanding reporting requirements to provide supervisors with a clearer picture of risks posed by NBFI-related activities. "We supervisors do not have a full picture of the level of exposure and correlations between NBFI balance sheets and bank lending arrangements," she noted, stressing the need for better information-sharing between authorities on a global scale.
Another growing risk highlighted by McCaul was the rise in geopolitical instability, including Russia’s invasion of Ukraine, unrest in the Middle East, and China’s increasing military activities. These geopolitical shocks, she said, are contributing to supply chain disruptions, energy volatility, and inflationary pressures—all of which threaten the resilience of the financial system.
The increasing frequency and severity of cyberattacks were singled out as a direct consequence of heightened geopolitical risk. McCaul revealed that in 2022 "50% of our supervised entities were subject to at least one successful cyberattack", a number that jumped to 68% in 2023. The ECB anticipates a similar volume of cyber incidents in 2024, with McCaul already warning that "the number of cyber incident reports that we have received in 2023 was 77% higher than in 2022."
Conclusion: Sustaining resilience
In closing, McCaul reinforced the need for continued vigilance and commitment to a robust regulatory framework. While the public debate may have shifted from focusing on safety to competitiveness, she urged that both must be pursued in tandem to ensure a resilient financial system capable of supporting long-term economic growth.
By completing the banking union and capital markets union and addressing emerging risks, McCaul asserted, the EU can build a stronger, more integrated financial system that supports innovation, enhances competitiveness, and safeguards consumers. “Crises fading in the rearview mirror should not be a harbinger of shifting supervisory and regulatory priorities,” she warned, adding that a retreat from robust regulation could result in a "weaker, less competitive and less resilient sector."
Click here to read the full RegInsighton CUBE's RegPlatform.
EIOPA consults on capital requirements for crypto assets
The European Insurance and Occupational Pensions Authority (EIOPA) has opened a consultation on its draft technical advice regarding capital requirements for crypto assets within the European Union’s regulatory framework for insurers.
EIOPA's proposal suggests applying a 100% capital haircut to insurers’ crypto holdings, regardless of their balance sheet treatment or investment structure. While this stance is strict, the authority acknowledges that the market for crypto assets is still in its early stages and may warrant a more differentiated approach in the future.
Some context
Crypto assets have quickly emerged as a new asset class, but their regulatory treatment remains in flux. Although recent updates to the Capital Requirements Regulation (CRR) and the Markets in Crypto-Assets Regulation (MiCAR) address some prudential aspects for crypto, there are no specific provisions within the EU’s regulatory framework for insurers.
This lack of clear guidance has led to inconsistencies in how insurers classify and manage their crypto holdings. While the overall exposure remains minimal—crypto investments represent just 0.0068% of European insurers' total investments—there are concerns that these assets' volatility, low liquidity, and lack of transparency could lead to significant risks, particularly if the market expands in the future.
Key takeaways
EIOPA’s consultation outlines the following key proposals and findings:
- 100% haircut on crypto assets: EIOPA proposes a flat 100% capital requirement for insurers' crypto holdings, regardless of their balance sheet treatment or whether the exposures are direct or indirect. This approach reflects the authority’s concerns over the extreme price volatility, liquidity risks, and potential losses associated with crypto assets.
- Inconsistency in current classifications: The current lack of specific rules for crypto assets within the insurance sector has led to varied and potentially imprudent practices. EIOPA aims to address these inconsistencies by harmonising how insurers account for and manage these assets.
- Empirical analysis under Solvency II: EIOPA's analysis shows that existing Solvency II capital requirements may underestimate the risks posed by crypto assets. By imposing a 100% stress factor, EIOPA seeks to ensure a more prudent approach in line with the high-risk nature of these investments.
- Possible future review for differentiated treatment: EIOPA notes that some crypto assets, such as asset-referenced tokens and electronic money tokens authorised under MiCAR, may eventually warrant a differentiated treatment. The authority proposes revisiting the prudential treatment of these assets as the market evolves, potentially introducing more tailored capital requirements.
- Minimal current exposure: Data shows that European insurers’ investments in crypto assets are currently limited, with only €655 million allocated to crypto out of €9.632 trillion in total investments. Most of these holdings are structured within investment funds and held on behalf of unit-linked policyholders. Despite the low exposure, the potential for wider future adoption necessitates a cautious approach.
Next steps
Stakeholders are invited to submit their feedback by 16 January 2025 via an online survey. While the proposed 100% capital haircut represents a strict approach, the authority is open to reviewing its stance as the crypto market matures. The consultation is part of a broader effort by European regulators to harmonise the treatment of crypto assets across the financial services sector and ensure that any risks posed by these assets are appropriately managed.
Click here to read the full RegInsighton CUBE's RegPlatform.
Singapore to launch new shared responsibility framework for tackling phishing scams
The Monetary Authority of Singapore (MAS) and the Infocomm Media Development Authority (IMDA) have announced the implementation of a Shared Responsibility Framework (SRF) aimed at combating phishing scams. Set to come into effect on 16 December 2024, the framework will hold financial institutions (FIs) and telecommunication companies (Telcos) accountable for mitigating scam risks, introducing clear duties and potential payouts to victims when these duties are breached.
The SRF was initially proposed for consultation in October 2023, when 72 responses were received from both the public and key industry stakeholders. The feedback was largely positive, with respondents supporting efforts to strengthen consumer protections. Based on this feedback, MAS has introduced an additional duty for FIs—real-time fraud surveillance for phishing scams that lead to unauthorised account draining. While this was not part of the original proposal, MAS has recognised the critical need for immediate fraud detection, given the severe impact on victims.
Financial institutions will be given a six-month transition period to implement the new fraud surveillance requirement, which is expected to add some friction to higher-value transactions. MAS has acknowledged that this may cause minor inconveniences for retail customers but emphasised that the added security was necessary to protect against significant unauthorised transactions.
The SRF forms part of Singapore’s broader anti-scam strategy, which involves collaboration between government agencies, financial institutions, and telecommunications providers. Telcos, in particular, play a vital role by securing SMS channels, which are often used in digital banking. The press release notes that since 2023, Telcos have blocked over 20 million fraudulent SMS messages, thanks to measures such as the mandatory SMS Sender ID Registry and anti-scam filters.
MAS and IMDA will continue to collaborate with industry players to adapt anti-scam measures in response to evolving threats. Both agencies have expressed their gratitude to those who provided input during the consultation process, with further details available in the official response to the consultation.
Click here to read the full RegInsighton CUBE's RegPlatform.
MAS urges stronger anti-scam measures
The Monetary Authority of Singapore (MAS) has written to Major Payment Institutions (MPIs) calling on them to implement enhanced anti-scam measures if MPIs plan to raise the monetary limits on e-wallets issued to customers. This announcement follows regulatory amendments made in December 2023, which significantly increased the maximum limits for funds held in and transferred from personal payment accounts containing e-money.
Under the updated Payment Services Regulations 2019, MPIs can now raise the "stock cap" on e-wallets to S$20,000, up from the previous limit of S$5,000. Additionally, the "flow cap", which governs the total outflow of funds from an e-wallet over the course of a year, has been increased from S$30,000 to S$100,000. These higher limits allow greater flexibility for consumers using e-wallets but also increase their exposure to financial scams.
In response, MAS has issued guidance to MPIs wishing to adopt these higher caps, emphasising the need for adequate anti-scam measures to mitigate the risks posed by these increased limits. The regulator expects MPIs to assess and enhance their scam-prevention frameworks, incorporating stricter security protocols and oversight measures before offering the expanded e-wallet options to consumers.
The MAS circular also sets clear expectations regarding governance. Senior management and boards of MPIs are required to ensure that effective controls are in place to manage scam risks and ensure the fair treatment of customers. This includes establishing a robust incident management process for scam-related events and ensuring that disputes arising from scam-related losses are handled independently of business operations.
Institutions that choose not to adopt the higher e-wallet limits are still encouraged to implement progressive anti-scam measures to safeguard customers over time.
Click here to read the full RegInsighton CUBE's RegPlatform.