Regulatory Update: UK Edition – June 2022

The Financial Conduct Authority (FCA) is close to hitting its six-digit limit (999999) for Firm Reference Numbers (FRNs) and Product Reference Numbers (PRNs).

On 23 June 2022, the FCA announced on its website that newly registered firms and funds will be assigned a seven-digit reference number. Firms that have already been assigned a six-digit reference number will retain that number and will not be affected.

The Regulator has yet to announce a start date for the change to come into effect.

For Firms looking for support with authorisation, variation of permissions or other authorisation and permission-based processes, please contact us.

On 29 June 2022, the FCA published Feedback Statement FS22/4 containing feedback to Consultation Paper CP21/18. Issued back in June 2021, the consultation sought initial views from stakeholders on ESG‑labelled debt instruments, and ESG data and rating providers.

FS22/4 FCA encourages ‘issuers of ESG‑labelled Use of Proceeds (UoP) debt instruments to consider voluntarily applying or adopting relevant industry standards, such as the Principles and Guidelines that the International Capital Market Association (ICMA) has developed for green, social, and sustainability bonds’.

In addition, the FCA states that it will continue to work with the Treasury, who are considering bringing ESG data and rating providers within the FCA’s regulatory perimeter. The regulator expresses concern with the potential for harm to markets and, ultimately, consumers, as industry practitioners are increasingly reliant on third‑party ESG data and rating services.

For guidance and support in navigating and understanding the ESG regulatory framework, from SFDR transitions to assurance services, please contact us.

On 8 June 22, HM Treasury published a policy paper advancing proposals for mitigating risks from critical third parties to the finance sector.

The treasury states that ‘Financial services firms are increasingly relying on a small number of third parties outside the finance sector for key functions or services, such as cloud-based computing services.’ This has raised fears of financial stability risks and has led the Bank of England’s Financial Policy Committee (FPC) to conclude in 2021 that ‘direct regulatory oversight’ is required.

HM Treasury is working with the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) to understand what ‘direct regulatory oversight’ of third-party services might involve. HM Treasury proposes to designate as ‘critical’ certain providers, and to empower the regulators to ‘make rules, gather information, and take enforcement action’ in respect of these ‘material services’.

The government intends to legislate for this regime when parliamentary time allows. For more information, please refer to HM Treasury’s policy paper at the following link.

On 23 June 2022, the Financial Conduct Authority (FCA) published on its website an evaluation report on the Digital Sandbox Sustainability Pilot, a platform for collaboration between the FCA and Firms aimed at solving challenges in ESG data and disclosures.

The Digital Sandbox provided 28 organisations with a set of synthetic data assets to enable testing in an integrated development environment where applicants can develop and test their solutions on a collaboration platform, i.e., ‘an ecosystem of key organisations that will provide support and input to digital sandbox participants, such as incumbents, academia, government bodies, venture capital, and charities’.

The FCA lists the key lessons learned during the pilot programme. Firms praise the positive impact on innovation acceleration that the ecosystem created but point at room for improvement in the availability and quality of data, and the difficulty in meeting all mentor requests from participants.

The FCA is considering making the digital sandbox data assets openly available with the aim of promoting innovation and competition in the industry and looks forward to establishing a permanent operating model for a digital testing environment based on the principles of the digital sandbox initiative.

On 23 June 2022, the House of Commons Committee issued a report titled: ‘Future Parliamentary scrutiny of financial services regulations’. The report stems from the Future of Financial Services Inquiry, in which Parliament called for evidence on ‘how financial services regulations should be set and scrutinised as EU directives cease to govern new rules and regulations.’

The Treasury Committee believes it would not be proportionate for the UK parliament to carry out the detailed textual scrutiny that the European Parliament’s Economic and Monetary Affairs Committee conducts. Instead, the Treasury Committee proposes a nimbler system for scrutiny in which experts, consumer representatives and other stakeholders challenge the regulation ex-ante, and thorough reviews of the impact of the regulation on the industry are conducted ex-post.

Significant changes to regulatory texts will be made following a three-stage process entailing: Discussion Papers; Consultation Papers; and Policy Statements. The FCA expects to inherit the responsibility of drafting measures for over 40 ‘files’, or ‘subject areas’. The Treasury Committee will intervene at Consultation Paper stage, when ‘proposals have crystallised into draft texts but when there is still scope for influence’.

The Treasury Committee will establish a sub-committee to take the lead on scrutiny of regulatory proposals. The sub-committee will report to the full Committee, will have the power to send for ‘persons, papers and records’, and will be the forum for oral evidence when this is merited.

The treasury acknowledges and encourages collaboration with other committees in both Houses – e.g., the Economic Affairs Committee and the Industry and Regulators Committee – when relevant within their remit.

On 23 June 2022, the Prudential Regulation Authority (PRA) published its annual report for the year ended 28 February 2022. The report is made to the Chancellor of the Exchequer and explains how the PRA worked to deliver its strategic goals for 2021/2022.

In the foreword by the Chair, Governor Andrew Bailey, stated that he is encouraged that the International Monetary Fund (IMF) has recognised the effectiveness of actions taken to increase resilience in the UK financial system. Mr Bailey also referred to recent regulatory developments, including:

• The Resolvability Assessment Framework, which sets out how the PRA assess how prepared firms are for resolution.
• The joint review of the Solvency II framework for insurers with HMT, aimed at releasing capital held by life insurers to support growth; and
• The PRA’s work to develop a ‘strong and simple’ regulatory framework for non-systemic banks and building societies, which aims to tackle the complexity and barriers to growth faced by these firms.

The report also contains a forward by the PRA’s Chief Executive, Sam Woods. In his statement, Mr. Woods refers to the prudential regulator’s focus on major shifts in the financial services landscape, including:

• The issuance of the climate biennial exploratory scenario in order to explore the resilience of major UK banks, insurers, and the financial system to climate-related risks;
• The Banks and PRA’s Discussion Paper (DP) on new forms of digital money, including the regulation of systemic stablecoins; and
• Setting out how firms should identify, measure, and mitigate risks associated with crypto activities.

Mr. Woods also spoke about the default of Archegos Capital Management in March 2021 and reminded firms of the importance of investing in their risk management frameworks and controls infrastructure, hinting to future regulatory developments in this area.

EBA guidelines on the duties of AML/CFT compliance officers

On 14 June 2022, the European Banking Authority released final guidelines on the role, tasks and responsibilities of Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) compliance officers.

These Guidelines fall under the scope of Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing. The guidelines explain in detail the duties of the management body in the AML/CFT framework, the suitability requirements for the AML/CFT compliance officer, as well as the tasks and responsibilities of the person employed in this role.

In particular, Guidelines 4.2 provide details on the tasks and duties of the AML/CFT compliance officer, including:

• Development of a risk assessment framework
• Development of policies and procedures
• Advising senior management when onboarding customers, including high-risk customers
• Monitoring compliance
• Reporting to the management body
• Reporting of suspicious transactions
• Training and awareness

Firms should ensure they have in place policies, controls, and procedures to mitigate and manage effectively the risks of money laundering and terrorist financing.

If you wish to consider an independent review of your AML and CFT framework, or if you would like to discuss the risks and expectations facing MLROs please contact us.

On 30 June 2022, the European Parliament and the Council presidency reached an agreement on the rules proposal of the markets in crypto-assets (MiCA), a regulation aimed at protecting consumers by establishing a EU level legal framework for crypto-assets.

The regulation covers issuers of unbacked crypto-assets and stablecoins, as well as the trading venues and the wallets where crypto-assets are held. The key provisions agreed for crypto-asset issuers cover transparency, disclosure, authorisation and supervision of transactions.

The regulation will require stablecoin issuers to hold sufficiently liquid reserves with a 1:1 ratio, partially in the form of deposits. Stablecoin holders will be offered a claim at any time and free of charge by the issuer.

In addition, Crypto-Assets Service Providers (CASPs) will be required to disclose, in a prominent place on their website, information on their environmental and climate impact.

On 24 June 2022, Commission Delegated Regulation (EU) 2022/975 was publishes on the Official Journal of the European Union. The regulation extends the date of applicability of technical standards laid down in the following regulations:

• Commission Delegated Regulation (EU) 2017/653 on key information documents (KIDs) for packaged retail and insurance-based investment products (PRIIPs); and
• Commission Delegated Regulation (EU) 2021/2268, amending the regulatory technical standards on presentation of past performance and cost information by PRIIPs.

The dates of applicability are extended as follows:

• In Article 18 of Delegated Regulation (EU) 2017/653. ‘Article 14(2) shall apply until 31 December 2022.’
• In Article 2, second paragraph of Delegated Regulation (EU) 2021/2268, ‘1 July 2022’ is replaced by ‘1 January 2023’.

For more information, please refer to Commission Delegated Regulation (EU) 2022/975 at the following link.

On 24 June 2022, HM Treasury published a policy paper containing a forward-looking review of the UK’s AML/CFT regulatory and supervisory regime. This was published alongside two statutory required Post Implementation Reviews on the Money Laundering Regulations (MLRs 2017) and the Oversight of Professional Body Anti-Money Laundering and Counter Terrorist Financing Supervision Regulations (OPBAS 2017).

The review of the UK’s AML/CFT regime aims to evaluate the effectiveness of the MLRs and OPBAS   Regulations to date, and to establish a framework for measuring and improving their future effectiveness. The review focused on the following topics:

• Refining the objectives for the MLRs;
• Measuring the effectiveness of the MLRs;
• Introducing Strategic National Priorities;
• Exclusion and inclusion of sectors in scope of the MLRs;
• Mandatory provisions as opposed to a risk-based approach;
• The MLRs and the use of new technology such as digital identity;
• The supervisor’s role in the Suspicious Activity Reports (SARs) regime;
• The powers of enforcement available to supervisors; and
• Considerations over establishing a single AML supervisor across all industries.

In the course of the review, HM Treasury stated that the government:

• Is committed to doing further work to better understand the risk profile of domestic PEPs in order to differentiate the level of checks to be done on domestic and foreign PEPs;
• Continues to think that it is proportionate to maintain a list of High Risk Third Countries (HRTCs) on which mandatory Enhanced Due Diligence (EDD) is required;
• Is minded to remove the list of required checks for customers in HRTCs (Regulation 33(3A)), except in the case where the FATF requires the application of specific elements of EDD;
• Will consider options to inform the UK’s HRTC list beyond those listed by the FATF; and
• Will review wording of the requirement to perform EDD for ‘complex or unusually large’ transaction, as it appears to cause confusion.

If you would like to obtain an independent review of your AML and CFT systems and controls or if you would like to discuss the risks and expectations facing MLROs, please contact us.

On 9 June 2022, Commencement No. 2 and Saving Provision Regulations 2022 of the Economic Crime (Transparency and Enforcement) Act 2022. was published on the government website. These regulations bring into force on 15 June 2022 Chapter 1 (monetary penalties) of Part 3 (sanctions) of the Act.

The new rules have the following effect, as explained in the explanatory notes:

• Civil monetary penalties can be applied to persons for breaches of financial sanctions with no requirement for the Treasury to prove that the person had knowledge or reasonable cause to suspect their activity breached sanctions;
• They allow the Treasury to publish notices detailing violations by persons of financial sanctions in cases where the Treasury have decided not to impose a penalty.

The new laws will not apply to breaches of financial sanctions that took place before 15 June 2022. If you would like to discuss the impact of tightening sanctions on your business or need to undertake a Sanctions risk assessment for your business, please contact us.

On 21 June 2022, the Financial Action Task Force (FATF) published the outcomes of its plenary, held 14-17 June. Delegates from over 200 jurisdictions of the Global Network participated in these discussions.

The FATF discussed compliance with its standard, focusing on:

• Mutual Evaluation of Germany and the Netherlands; the Plenary concluded that both Germany and the Netherlands have made considerable improvements in their AML/CFT frameworks in recent years, but that both countries require ‘major improvements in certain areas’, listed in the statement.
• Jurisdictions under Increased Monitoring; the FATF has included Gibraltar in the list of jurisdictions under increased monitoring, and congratulates Malta ‘for the significant progress it has made in addressing the strategic AML/CFT deficiencies’, excluding it from the list.

The FATF also discussed strategic initiatives, including:

• Information Sharing and Data Protection; a report will be published in July illustrating how FATF members are working to balance the mitigation of AML/CFT risks with data protection and privacy concerns.
• Risk-based Approach Guidance for Real Estate; the FATF finalised guidance aimed at helping real-estate private sector participants in understanding and mitigating ML/TF risks. According to the FATF, the sector generally has ‘poor understanding’ of those risks. A report will be published by the FATF in July 2022.
• Implementation of the FATF Standards on Virtual Assets/VASPs (Travel Rule); the FATFs exhorts non-compliant countries to implement the Travel Rule for Virtual Asset Service Providers (VASPs), which requires VASPs to collect information on the identities of the originator and beneficiary of virtual asset transfers. A targeted update report on the matter has been published by the FATF on 30 June 2022.
• Improving access to Beneficial Ownership Information; discussions build on the March 2022 FATF agreements on ‘tougher global beneficial ownership rules to stop criminals from laundering their dirty money or hiding illegal activities through complex corporate structures or legal persons’. Countries will be required to establish a registry for holding beneficial ownership information. The FATF aims to publish finalised guidance by October 2022.

The FATF Plenary heard the incoming President T. Raja Kumar of Singapore highlight the priorities of his Presidency. These have been published on 1 July 2022 in a dedicated paper by the FATF.

On 9 June 2022, the Financial Action Task Force (FATF) issued a follow-up report on the ‘FATF Plenary-adopted Mutual Evaluation Report (MER) for the United Kingdom (UK)’ of October 2018. The follow-up report analyses the UK’s progress in addressing the technical compliance deficiencies highlighted in 2018.

The FATF had highlighted deficiencies in relation to the UK’s implementation of Recommendation 13 (Correspondent Banking) and Recommendation 29 (Financial Intelligence Units):

• Back in 2018, the UK was rated Partially Compliant (PC) on Recommendation 13. This was due to the lack of application of enhanced due diligence (EDD) measures for correspondent banking within the European Economic Area (EEA). The UK has addressed these deficiencies by amending its Money Laundering Regulations (MLRs), changing the definition of third country to include any jurisdiction outside of the UK. The UK has been re-rated Compliant (C) with respect to Recommendation 13.
• The FATF has stated that the UK remains Partially Compliant (PC) with Recommendation 29. Although work has been done to increase the resources of the UK Financial Intelligence Unit (UKFIU), most processes undertaken to enhance its ability to perform its key functions are still in early stages of development or remain under construction.

The FATF concludes that ‘the UK will remain in regular follow up and will continue to inform the FATF of progress achieved on improving the implementation of its AML/CFT measures’.

On 17 June 2022, the National Crime Agency (NCA) published new guidance on Suspicious Activity Report (SAR) Glossary Codes and Reporting Routes.

In its Overview, the booklet provides the following Key Points:

1. The use of Glossary Codes in SARs is crucial for enabling the UK Financial Intelligence Unit (UKFIU) to identify and combat money laundering.
2. When reporting a crime together with a SAR, firms should include references to the crime and other reporting organisations in the SAR.
3. When submitting a SAR, the relevant glossary code should be included in the ‘Reason for Suspicion’ text space.
4. It is acceptable to have SARs with multiple codes. When in doubt, Firms should include a code rather than not. If no codes match the circumstances faced by the reporter, it is acceptable to transmit a SAR where ‘no codes apply’.

The booklet provides practical guidance on circumstances, definitions, and use of codes. SAR examples are provided in pages 21-27. The new guidance replaces all previous glossary codes publications.

The SARs regime is for reporting knowledge or suspicions of money laundering, or belief or suspicions relating to terrorist financing. If you would like to obtain an independent review of your AML and CTF systems and controls, then please contact us.

On 23 June 2022, the Financial Conduct Authority (FCA) announced that Ghana International Bank was fined £5,829,900 for ‘poor Anti-Money Laundering (AML) and Counter-Terrorist Financing (CFT) controls over its correspondent banking activities.’

Although no evidence of money laundering was detected, the failures in Ghana International Bank’s system were significant. These include:

• Failing to adequately perform the checks required when it established relationships with overseas banks
• Failing to undertake annual reviews of the information held on respondent banks;
• Failing to demonstrate assessment of foreign banks’ AML controls;
• Failing to give staff adequate training on how to scrutinise transactions properly; and
• Failing to establish appropriate policies and procedures for staff.

Since the FCA’s visit in December 2016, Ghana International Bank has voluntarily agreed to not take on new customers and the restriction remains in place. The initial penalty of £8,328,500 was reduced by 30% due to the Bank not disputing the FCA’s findings and agreeing to settle at an earlier date.

If you require an independent assurance review on the effectiveness of your AML controls, please contact us to have a discreet and no obligation conversation.