Home
Resources
CUBE RegNews: 7...

CUBE RegNews: 7th October

Greg Kilminster

Greg Kilminster

Head of Product - Content
Copy link Copy linkCopy to clipboard
Share on X Share on Facebook Share on Linkedin

Posted: 2024-10-07

UK government issues AML guidance

The UK government has issued useful guidance for firms to utilise the new information sharing provisions introduced by the Economic Crime and Corporate Transparency (ECCT) Act 2023, which came into force on 15 January 2024. 


The key points from guidance are as follows. 


Policy intent and scope 

  • The ECCT Act provisions enable anti-money laundering (AML) regulated firms to share customer information relevant to economic crime without civil liability. This aims to facilitate cooperation in detecting and preventing economic crime across the AML-regulated sector. 
  • Private entities can share information under UK GDPR's lawful basis requirements, with these measures specifically mitigating confidentiality concerns that previously discouraged information sharing. 


Direct and indirect sharing provisions 

  • Direct sharing provisions allow regulated firms to share customer information on a peer-to-peer basis for economic crime prevention, detection, and investigation, disapplying civil liability. 
  • Indirect sharing is permitted through third-party intermediaries for large firms in certain sectors, such as finance, crypto, law, and accountancy, defined as those with revenues between £36 million and £1 billion. 
  • Firms can engage in both direct and indirect sharing, but indirect sharing must use the "warning condition" to qualify for protection, rather than the "request condition" applicable to direct sharing. 


Request and warning conditions 

  • Warning condition: Applies when a firm has taken or would take safeguarding action against a customer (eg, ending a business relationship). It can be used for both direct and indirect sharing. 
  • Request condition: Used by a firm to request information to assist with due diligence or risk assessment, applicable only to direct sharing. 

Both conditions require that firms carefully adhere to specific criteria to maintain liability protection. 


Practical considerations for regulated firms 

  • A sector-led approach is encouraged, with specific industry guidance complementing this overarching framework. Firms are encouraged to utilise technology, such as APIs, for secure and efficient data sharing. 
  • For firms choosing third-party platforms, adherence to UK GDPR and a commitment to secure data-handling protocols are essential. 


Law enforcement reporting, UK GDPR compliance, and customer redress 

  • Law enforcement reporting: Firms should continue to file SARs with the National Crime Agency (NCA) and may leverage joint disclosure reports (Super SARs) under these measures. 
  • UK GDPR compliance: Firms must ensure that any personal data shared is accurate, relevant, and necessary, and used solely for the purposes set out under the ECCT Act. Adherence to the forthcoming Data Protection and Digital Information Bill amendments, which recognise fraud prevention as a legitimate interest, is recommended. 
  • Customer redress: Firms are advised to maintain comprehensive records of shared information and establish clear complaint procedures to facilitate customer redress and maintain transparency. 


In summary, the guidance provides a framework for AML-regulated firms to share information on economic crime, encouraging a risk-based and sector-specific approach that aligns with UK GDPR requirements and supports customer redress processes. 


Click here to read the full RegInsight on CUBE's RegPlatform




ESRB issues latest meeting minutes

The European Systemic Risk Board (ESRB) recently held its 55th regular meeting on 26 September 2024, where the General Board reviewed ongoing risks to financial stability in the European Union. While inflation across the bloc continues to decline, the Board highlighted a number of persistent vulnerabilities, particularly stemming from geopolitical tensions and structural issues in key sectors such as commercial real estate. 


Some context 

The ESRB, which was established in 2020, is responsible for the macroprudential oversight of the EU financial system and the prevention and mitigation of systemic risk. The ESRB therefore has a broad remit, covering banks, insurers, asset managers, shadow banks, financial market infrastructures and other financial institutions and markets. 


Key takeaways 

The ESRB General Board identified several key areas requiring immediate attention: 


Geopolitical and cyber risks: The Board emphasised the need for increased coordination to mitigate the financial stability risks posed by geopolitical events and cyber threats. The concentration of critical services among a few third-party providers heightens systemic risk, warranting a more proactive regulatory approach. 

Financial market volatility: The recent market volatility highlights how leveraged positions can amplify responses to adverse events, raising concerns about risk management practices across the sector. Persistent elevated risk-taking could lead to swift unwinding of positions, potentially triggering further market disruptions. 

Commercial real estate (CRE) vulnerabilities: The CRE sector continues to show signs of fragility, especially in the non-prime segment. The sector’s high interconnectedness with both bank and non-bank financial institutions adds complexity, as structural shifts—like changes in work patterns and climate policies—further exacerbate risks. 

Non-bank financial intermediation (NBFI): The Board discussed the ESRB’s ongoing response to the European Commission’s consultation on macroprudential policy for NBFIs. There is a need to enhance resilience in the sector, particularly as the Capital Markets Union (CMU) develops. The Board identified key areas for legislative action, including money market funds, preparedness for margin calls, and crypto-asset regulation. 


Next steps 

The ESRB is committed to addressing these identified risks. As part of its response to the European Commission's consultation on NBFI macroprudential policy, the ESRB aims to strengthen regulatory consistency across different types of financial entities engaged in similar activities. This initiative will cover lending beyond traditional banking, asset management beyond investment funds, and promote central clearing in government bond markets. The ESRB’s official response will be submitted to the European Commission by November and subsequently published on its website. 


The ESRB’s meeting emphasised the importance of vigilance and proactive measures to safeguard financial stability in the EU. The Board’s focus on geopolitical risks, market volatility, and sector-specific vulnerabilities reflects its ongoing commitment to addressing the challenges facing the EU’s financial system. 


Click here to read the full RegInsight on CUBE's RegPlatform




CBI director shares thoughts on governance

In a speech at the Institute of Directors Chartered Director Programme Graduation, Sharon Donnery, Deputy Governor of the Central Bank of Ireland, emphasised the growing challenges and responsibilities facing company boards today. 


Reflecting on her own experience in the programme, Donnery noted the increasingly complex landscape that directors must navigate, stressing that while the role of boards has never been more challenging, it has also never been more crucial. She highlighted that boards are expected to manage both internal and external complexities while ensuring good governance, effective risk management, and a positive organisational culture. 


“I firmly believe that good governance is the bedrock of successful firms – and that good governance leads to good outcomes,” said Donnery, arguing that firms with strong governance and risk management frameworks are better positioned to grow safely and manage risks effectively. 


She pointed out that failures in governance have often been the root cause of major corporate collapses and crises, emphasising the need for robust governance frameworks to address these weaknesses. Since the financial crisis, regulators have focused on strengthening governance standards in the financial sector. While progress has been made, Donnery acknowledged that maintaining these standards is an ongoing effort. “Standards have improved,” she remarked, “however, it is a journey we are all still on”. 


Donnery's speech also highlighted the importance of proactive risk management. She said that traditional risk management approaches, which often rely on historical data, need to be adapted to meet the demands of an uncertain and rapidly changing world. She called on firms to take a more forward-looking approach, advocating for risk management practices that anticipate and prepare for future challenges. "Risk management needs to adapt too – with more forward-looking risk management techniques necessary in a changing and uncertain world". 


In addition, Donnery pointed to the critical role of culture within organisations. She argued that a strong ethical culture, set from the top, is essential for effective governance and risk management. “For without the right culture, good governance and strategic plans won’t get delivered – or they won’t get delivered right,” she noted, adding that boards should be actively involved in shaping and overseeing their organisation’s culture. Setting the “tone from the top,” as she put it, is essential to fostering an ethical and robust organisational environment. 


Donnery also addressed the attributes of effective board directors, stressing the importance of a broad perspective and a commitment to good governance. She emphasised the need for directors to be strategic, forward-looking, and risk-focused, adding that directors should bring an independent perspective to the table and challenge the status quo when necessary. She highlighted the importance of being inquisitive, stating, “The curiosity to ask questions and to probe for answers… is particularly true for INEDs, who need to verify and seek evidence”.

 

In concluding, Donnery encouraged the graduates to embrace their roles as stewards of good governance, culture, and risk management. She urged them to view governance as not only essential for compliance but as a foundational pillar for organisational success. “Good governance and risk management is not just good for compliance – it is good for business, good for shareholders, good for customers, and good for the economy,” she affirmed. 


Click here to read the full RegInsight on CUBE's RegPlatform




FCA updates cryptoasset registration statistics

The Financial Conduct Authority (FCA) has provided updated data on applications for registration under the UK's anti-money laundering (AML) and counter-terrorist financing (CTF) framework for cryptoasset businesses. As of 1 October 2024, the FCA had received a total of 364 applications since becoming the AML/CTF supervisor for the sector on 10 January 2020. 


During the past month, the FCA received four new applications, bringing the total to 38 applications submitted in the previous 12 months. Of these applications, 34 have been processed, with outcomes including 15% registered, 32% rejected, 44% withdrawn, and 9% refused. 


Since January 2020, only 14% of applications have been successfully registered, while the majority — 70% — were withdrawn. Rejections and refusals accounted for 12% and 4%, respectively. These figures highlight the FCA’s strict adherence to AML/CTF regulations, with applications commonly rejected or invalidated due to missing or incomplete components essential for a full assessment. 


Click here to read the full RegInsight on CUBE's RegPlatform




FCA publishes latest Handbook notice


FCA publishes latest Handbook notice 

The Financial Conduct Authority (FCA) has published Handbook Notice 122, which summarises legislative and regulatory changes during the previous period. In addition to outlining the next schedule of board meetings and summarising feedback on current consultations, the notice summarises the following changes to the FCA Handbook and other material made by the FCA Board under its legislative and other statutory powers on 18 September and 3 October 2024. 


Dispute Resolution: Complaints Sourcebook 

In summary this instrument: 

  • Extends the pause on firms needing to provide a final response within eight weeks for Discretionary Commission Arrangement (DCA) complaints. 
  • Requires firms to keep complainants informed during the pause. 
  • Extends the timeframe for consumers to refer complaints to the Financial Ombudsman. 
  • Mandates record-keeping until 11 April 2026. It is effective from 26 September 2024. 


Change in Control (Aggregation of Holdings)  

In summary this instrument: 

  • Updates wording on prudential assessments of acquisitions and removes redundant text on aggregation of shares/voting power. 
  • Is effective 1 November 2024. 


EU Withdrawal (Miscellaneous Amendments) 

  • In summary this instrument: 
  • Removes expired provisions related to the temporary permissions regime and updates terminology per the Retained EU Law (Revocation and Reform) Act 2023. 
  • Is effective from 4 October 2024. 


Technical Standards (MiFID Transparency Transitional Provisions) 

In summary this instrument: 

  • Extends temporary exemptions for FCA on EU transparency rules for bonds and derivatives, pending a regime revision expected in late 2025. 


Click here to read the full RegInsight on CUBE's RegPlatform