Greg Kilminster
Head of Product - Content
ESMA publishes latest work programme
The European Securities and Markets Authority (ESMA), the EU’s financial markets regulator, has published its 2025 Annual Work Programme (AWP). The plan sets out the strategic priorities for the year ahead, with a focus on implementing new mandates, enhancing transparency, and ensuring the stability and resilience of European financial markets. In addition, the programme outlines ESMA’s role in supporting the development of more efficient capital markets, while safeguarding the interests of retail investors.
Some context
ESMA’s 2025 AWP highlights its continued commitment to strengthening the EU’s financial markets and fostering greater investor protection. Over recent years, ESMA has played a central role in shaping key regulatory frameworks, such as the European Green Bonds and ESG Rating Providers Regulations, and has been entrusted with a range of new responsibilities following the adoption of European Market Infrastructure Regulation (EMIR 3).
As the EU financial landscape becomes increasingly complex, ESMA is tasked with ensuring regulatory coherence and market stability. The regulator will play a key role in implementing major legislative frameworks, such as the Markets in Crypto-Assets (MiCA) Regulation and the Digital Operational Resilience Act (DORA), both of which are scheduled to come into force in 2025.
Key takeaways
Implementation of new mandates: One of ESMA’s main priorities in 2025 will be the implementation of numerous technical standards and guidelines associated with the new legislative mandates passed in the previous cycle. Among these are the European Green Bonds Regulation and the Active Account Requirement under EMIR 3. These efforts will aim to provide clarity and support for market participants, while ensuring a convergent supervisory approach across EU member states.
Consolidated Tape Provider selection: Another significant development in 2025 will be the selection and authorisation of the first Consolidated Tape Provider. This step is expected to enhance market transparency by providing consolidated real-time data for European financial markets. This will be crucial for improving market efficiency and providing investors with a clearer view of trading activities.
Crypto-assets regulation: The effective implementation of the MiCA framework will be a key task for ESMA in 2025. The aim is to ensure adequate investor protection and consistent supervision of Crypto Asset Service Providers (CASPs) across the EU. The regulator will also work to develop technical standards that support the safe integration of crypto-assets into the wider financial market.
Strengthening operational resilience: With the Digital Operational Resilience Act (DORA) coming into effect in 2025, ESMA will finalise its preparatory work to ensure the EU’s financial markets are adequately protected against cyber threats and other operational risks. In collaboration with the European Banking Authority (EBA) and the European Insurance and Occupational Pensions Authority (EIOPA), ESMA has been working to harmonise the implementation of DORA across the financial sector.
Retail investor protection: ESMA’s commitment to retail investor protection remains a central theme in its 2025 programme. The regulator will continue to work on enhancing the regulatory framework for retail investment, particularly in the context of the Retail Investment Strategy and the potential shortening of the settlement cycle to T+1. Additionally, technical standards under MiFID II, MiFIR, and the Alternative Investment Fund Managers Directive (AIFMD) will be further developed to safeguard investor interests.
Next steps
Looking ahead, ESMA is preparing for an ambitious year of regulatory implementation and supervisory enhancement. As Natasha Cazenave, ESMA’s Executive Director, noted: “In 2025, ESMA will be preparing for a number of new supervisory responsibilities.” These responsibilities will include the application of DORA and MiCA, as well as the launch of the first phase of the European Single Access Point (ESAP) in 2026, which aims to provide a centralised platform for accessing public financial data.
Verena Ross, ESMA’s Chair, emphasised that, “Through these implementation tasks, we will provide clarity to assist market participants and support national competent authorities to achieve convergent supervisory approaches.” This underscores ESMA’s role in fostering regulatory cohesion and improving the efficiency of EU capital markets.
Click here to read the full RegInsight on CUBE’s RegPlatform
CFTC announces swaps enforcements
The Commodity Futures Trading Commission (CFTC) has settled enforcement actions involving Barclays Bank PLC and two swap execution facilities (SEFs), BGC Derivative Markets, L.P., and GFI Swaps Exchange, LLC.
Barclays was charged for violations of the Commodity Exchange Act (CEA) and CFTC regulations related to swap reporting. The settlement requires Barclays to pay a $4 million penalty and comply with remedial undertakings. The violations, which spanned from 2018 to 2023, involved more than five million improperly reported or late swap transactions. Barclays' cooperation in the investigation, including proactive self-reporting and remediation efforts, was acknowledged by the CFTC and led to a reduced penalty.
In a statement regarding the Barclays fine, Commissioner Caroline D Pham criticised the CFTC, in particular the CFTC’s 2023 enforcement focus, which she describes as overly punitive, particularly in swap data reporting cases, and as deviating from the agency’s core mission of preventing fraud and manipulation.
The statement also expresses concern over the CFTC's alleged abuse of its authority by pressuring firms to settle cases based on minor operational issues, even when there is no evidence of fraud. The CFTC is further criticised for its lack of clear, consistent standards for awarding credit to firms that self-report issues, calling for improved internal governance and procedures.
A further concern highlighted in Pham's statement is the CFTC’s failure to adopt a risk-based supervisory approach for swap dealers, which is a standard followed by international regulatory bodies like the Basel Committee. Despite recommendations from the International Monetary Fund, the CFTC has not implemented a direct examination program for swap dealers, even though four years have passed since it committed to doing so.
In the other cases, BGC SEF and GFI SEF were charged for failing to accurately report data for thousands of swap transactions, violating SEF Core Principles. BGC SEF was also found to have violated a prior CFTC order. The failures were attributed to deficiencies in swap reporting system design and inadequate internal controls. Both SEFs have been ordered to pay penalties ($750,000 for BGC SEF and $550,000 for GFI SEF) and to implement remedial measures, including independent reviews and compliance reports. The CFTC emphasised the importance of accurate and timely reporting, particularly for SEFs, and the need for proper system design and testing to meet regulatory requirements.
Click here to read the full RegInsight on CUBE’s RegPlatform
Central Bank of Ireland's focus on resilience, consumer protection and individual accountability
In a speech at the Compliance Institute’s Annual Conference, Gerry Cross, Director of Financial Regulation - Policy and Risk at the Central Bank of Ireland, outlined the regulator’s evolving approach to financial supervision and regulation. He emphasised the importance of resilience, consumer protection, individual accountability, and supervision to ensure a strong, adaptable financial system that prioritises public trust and societal needs.
Resilience – a continuing and changing demand
Cross highlighted the Central Bank’s commitment to building resilience in the financial system, noting that this goal has become increasingly complex in a rapidly evolving global landscape. Reflecting on the lessons from the 2008 financial crisis, he emphasised the progress made in enhancing the resilience of financial firms through governance, risk management, and capital frameworks. “The resilience shown by the financial system during recent periods of stress, such as the Covid-19 pandemic and the Russian invasion of Ukraine, demonstrates the success of these efforts," he said. However, he warned that resilience must be continually monitored and adapted to new threats, such as cyber risks and geopolitical uncertainties.
Cross acknowledged vulnerabilities exposed during these crises, particularly in the non-bank sector, and emphasised the growing threat of cyberattacks, noting the sector’s increasing reliance on complex IT infrastructure. Resilience, he stressed, must remain agile to adapt to rapid changes in inflation, interest rates, and global economic conditions.
In a nod to smart regulation, Cross pointed to the EU’s Digital Operational Resilience Act (DORA) as a model of how financial regulation can evolve. DORA, he explained, is designed to ensure that financial systems can withstand stress without collapsing. “It is fundamentally a form of ecosystem regulation,” he said, borrowing a phrase from Frank Elderson of the European Central Bank. Cross described DORA as “sophisticated, adaptive, proportionate, and evolving,” setting a high bar for other regulatory frameworks.
Protecting consumers – smarter regulation
Consumer protection remains central to the Central Bank’s mandate. Cross highlighted recent revisions to the Consumer Protection Code as a prime example of “smart regulation”—designed to be proportionate, outcome-focused, and flexible. The Bank’s approach seeks to foster consumer confidence by ensuring financial firms act in their customers’ best interests, even in situations not explicitly governed by regulation.
“Our aim is to deliver smarter regulation that is targeted on outcomes and adaptive to changing circumstances,” Cross explained. He cited lessons learned from past issues where firms often failed to meet consumer expectations in areas not strictly covered by rules.
Cross emphasised the importance of firms taking responsibility for securing their customers’ interests rather than simply complying with the letter of the law. He referenced behavioural research conducted by the Central Bank that showed how simple changes in communication could significantly improve consumer outcomes. In one case, more engaging language in letters to mortgage holders resulted in a 76% increase in refinancing activity. “This is an important example because it illustrates the heart of what we aim for with smarter consumer regulation,” he said.
The Central Bank’s proposed consumer protection reforms aim to hold firms to a higher standard of care. Cross noted that the Bank is finalising these regulations and plans to publish them in the coming months.
Individual accountability – enhancing governance
One of the more recent developments in Ireland’s regulatory landscape is the introduction of the Individual Accountability Framework (IAF), which Cross described as another example of smart regulation. The IAF requires financial firms to clearly define the responsibilities of senior executives and holds them accountable for ensuring effective governance.
Cross noted that the IAF is designed to be proportionate and adaptable to firms’ structures and evolving circumstances. “It seeks to embed a regulatory perspective within a firm’s own leadership and governance activities,” he explained. The IAF is meant to improve the internal clarity of governance within firms while ensuring that they meet their regulatory obligations.
However, Cross acknowledged concerns raised during consultations that the new framework might be seen as purely punitive. He reassured the audience that the Bank’s focus is on effective implementation rather than enforcement. “While good regulation must always include the possibility of sanctions, our approach is centred on improving the quality of governance within firms,” he said.
Supervision – integrating risk and consumer protection
Finally, Cross addressed how the Central Bank is reshaping its supervisory approach to align more closely with its evolving regulatory framework. The Bank’s new integrated supervisory structure, he explained, will place equal emphasis on consumer protection and risk-based supervision across sectors.
“We are moving to an integrated supervisory framework where directorates with oversight of banks, insurance companies, and capital markets will be responsible for all functions in their respective sectors,” he said. This change is designed to make the Bank’s supervisory activities more efficient and to prioritise areas of highest risk to consumers and the financial system.
Cross stressed that consumer protection will remain central to the Central Bank’s mission, with the Deputy Governor (Consumer and Investor Protection) continuing to lead in this area. He also highlighted the ongoing role of the Consumer Advisory Group in providing insight into the Bank’s consumer protection activities.
Conclusion – evolving to meet challenges
In concluding, Cross reiterated the Central Bank’s commitment to achieving better regulatory outcomes through constant improvement. The evolving regulatory framework, he said, is designed to ensure that the financial system remains resilient, consumer-focused, and adaptable in the face of new risks and challenges. Compliance professionals, he noted, have a key role to play in helping firms meet these expectations and serve both commercial and societal interests.
Click here to read the full RegInsight on CUBE’s RegPlatform
EIOPA Solvency II consultations
The European Insurance and Occupational Pensions Authority (EIOPA) has launched a series of consultations on new regulatory and implementing technical standards as part of the ongoing Solvency II review. These proposals focus on enhancing supervision, improving liquidity risk management, and establishing clear criteria for addressing sector-wide shocks. Stakeholders have until 2 January 2025 to provide feedback on these critical changes, which aim to strengthen the regulatory framework governing the EU’s insurance sector.
Some context
Solvency II, the regulatory framework for insurers and reinsurers across the European Union, was introduced to protect policyholders while maintaining the stability of the sector. Following the 2021 decision by the European Commission to review Solvency II, EIOPA has been tasked with updating the framework to better equip the industry for future challenges, improve supervisory effectiveness, and address emerging risks.
The five consultations launched by EIOPA are an integral part of this effort and cover key areas including liquidity management, supervision of cross-border activities, and sector-wide shock events. The goal is to ensure that the Solvency II framework remains robust, resilient, and adaptable to the evolving risk landscape within the insurance industry.
Key takeaways
The consultations address several critical areas of regulatory oversight:
Liquidity risk management: EIOPA’s draft standards for liquidity risk management propose new criteria for identifying which insurance firms and groups should conduct medium- and long-term liquidity analyses. These measures are designed to improve the sector’s ability to manage liquidity risks and maintain financial stability.
Sector-wide shocks: EIOPA’s draft rules provide guidance for supervisors in identifying sector-wide shocks. These shocks could prompt regulators to restrict or suspend dividend payments, share buybacks, or bonuses for insurers with particularly vulnerable risk profiles, safeguarding the wider market.
Influence over insurance undertakings: New rules will guide supervisors in identifying insurance groups that are under dominant or significant influence. These standards aim to improve group supervision and enhance the management of risks that arise from complex ownership structures.
Simplified life insurance valuations: One of the draft standards focuses on simplifying best-estimate valuations for life insurance obligations, specifically for smaller and less complex firms. This move aims to reduce the regulatory burden for smaller players while maintaining strong risk management practices.
Cross-border supervision: EIOPA has proposed new rules to improve the supervision of cross-border insurance activities, enhancing cooperation and information exchange between home and host regulators. This is expected to ensure better oversight of firms operating across multiple jurisdictions within the EU, addressing potential risks arising from significant cross-border operations.
Next steps
EIOPA is seeking feedback from stakeholders on these proposals. The technical standards are set to shape the future regulatory landscape of the insurance industry and support the continued evolution of Solvency II. Once adopted, these standards will guide the implementation of the new rules, strengthening risk management and supervisory oversight across the EU.
Insurers and other industry participants are encouraged to carefully review the draft standards and provide their feedback by the deadline of 2 January 2025. Following this, EIOPA will finalise the technical standards, with a view to incorporating them into the regulatory framework in line with the Solvency II reforms. As the industry adapts to these new regulations, insurers will need to ensure their systems, processes, and reporting mechanisms are in full compliance with the updated rules.
Click here to read the full RegInsight on CUBE’s RegPlatform
PRA publishes latest Regulatory Digest
The UK’s Prudential Regulation Authority has published its latest Regulatory Digest which summarises its monthly activity for September. Highlights from the digest are as follows.
Basel 3.1 implementation
The PRA has published its near-final rules for the implementation of the Basel 3.1 standards in the UK. The PRA has taken a balanced approach to the reforms, making substantive changes to some of the biggest issues raised in the consultation process. The package of reforms supports the UK's growth and competitiveness, the resilience of the banking system, and alignment with global standards.
Leverage ratio review
The PRA is reviewing the leverage ratio requirement thresholds and offering a modification by consent to certain firms to disapply the relevant part of the PRA Rulebook until the review is complete.
Thematic feedback on IFRS 9 ECL and climate risk
The PRA has published a letter to chief financial officers of selected PRA-regulated deposit-takers providing thematic feedback from its review of written auditor reports. The letter covers accounting for expected credit losses (model risk and recovery strategies) and climate risk.
Strong and simple framework
The PRA has published a consultation paper on the proposed simplified capital regime for Small Domestic Deposit Takers (SDDTs). The proposed regime would simplify all elements of the capital stack, including Pillar 1, Pillar 2A, buffers, and the calculation of regulatory capital.
Other key publications
CP8/24: Definition of Capital: restatement of CRR requirements in PRA Rulebook.
CP9/24: Streamlining the Pillar 2A capital framework and the capital communications process.
CP10/24: Updates to the UK policy framework for capital buffers.
Click here to read the full RegInsight on CUBE’s RegPlatform
OCC releases September CRA performance evaluation results
The Office of the Comptroller of the Currency (OCC) has published its Community Reinvestment Act (CRA) performance evaluation covering the period from 1 September 2024 to 30 September 2024.
The assessment is part of the federal banking agencies' obligations under the CRA to review an institution’s credit provision to its entire community, including low-to moderate-income (LMI) neighbourhoods while ensuring the institution’s overall safety and soundness.
Of the 21 evaluations made public this month, 16 are rated satisfactory and five are rated outstanding.
Click here to read the full RegInsight on CUBE’s RegPlatform