Regulatory Update: UK Edition – October 2022

On 25 October 2022, the FCA published Consultation Paper CP22/20 on Sustainability Disclosure Requirements (SDR) and investment labels. The FCA is proposing to introduce a package of measures aimed at clamping down on firms that are making exaggerated or misleading sustainability-related claims about their investment products (greenwashing).

These proposals focus on helping retail investors navigate an increasingly complex investment product landscape, protecting them from greenwashing and rebuilding trust. Measures proposed by the regulator to help consumers navigate the investment product landscape include:

• Sustainable investment labels, which firms may use to emphasise the sustainability-related objectives that an investment product aims to achieve. The label categories proposed by the regulator are the following: “Sustainable Focus”, Sustainable Improvers” and “Sustainable Impact”. These will be similar, but not the same as, the Article 8 and 9 labels under the SFDR;
• Disclosure requirements – which will be simplified for customer-facing disclosures and more detailed for institutional investors – and qualifying criteria that firms must meet when making sustainable investment disclosures. Similar to the SFDR, the disclosures will include pre-contractual and ongoing periodic reporting;
• Restrictions on the use of sustainability-related terms in product naming and marketing for products that do not use a label; and
• Requirements for distributors to ensure that product-level information (including the labels) is made available to consumers. The FCA aims to consult on requirements for financial advisers in due course.

The FCA is also proposing an ‘anti-greenwashing’ rule that would apply to all regulated firms, reiterating that sustainability-related claims must be clear, fair and not misleading. The FCA has stated that, since this rule aims to clarify existing rules, it would come into effect immediately upon publishing the Policy Statement.

The FCA will be receiving responses to the questions in CP22/20 until 25 January 2023. Subject to the feedback received, the FCA intends to publish a Policy Statement with its final rules and guidance by Q2 2023. The labelling and pre-contractual disclosure regulation is likely to come into force on 30 June 2024, and ongoing reporting will be effective 30 June 2025.

Waystone is helping clients navigate ESG regulation around the world, including the operational implementation and oversight of ESG processes. To discuss how we can help you prepare for the implementation of the FCA’s proposals, please contact us.

On 25 October 2022, the FCA published Discussion Paper DP22/5 on the potential competition impacts of Big Tech entry and expansion in retail financial services. Big Tech firms referenced by the FCA include Facebook (Meta), Google (Alphabet), Apple and Amazon.

This Discussion arose from concerns by the regulator that the initial competition benefits from Big Tech entry in financial services could be eroded in the long-term if these firms can create and exploit entrenched market power to harm healthy competition and worsen consumer outcomes.

In DP22/5, the FCA focuses its attention on the potential competition impacts into the following retail sectors: payments, deposit taking, consumer credit and insurance. These sectors have been chosen by the regulator for their importance to consumers’ financial lives and the potential competition impact. It should also be noted that Big Tech firms are already authorised with the FCA to carry out a combination of these regulated activities in the UK (e.g., Apple offers Apple Pay payments technology, collaborates with Barclays to provide financing on Apple Store purchases, and provides aftermarket breakdown cover for iOS devices (AppleCare) as a key insurance product).

In DP22/5, the FCA analyses different scenarios and impacts on competition that BigTech potential expansions and acquisitions could bring in retail financial services. The paper also lists a set of questions for the industry on the possible developments and consequences of Big Tech expansion in the retail financial services industry.

The discussion period will end on 15 January 2023. The FCA plans to issue a Feedback Statement in the first half of 2023 setting out how it will develop future regulation in response to the feedback received.

On 3 October 2022, the FCA issued its website Market Watch number 70. Market Watch is the regulator’s newsletter on market conduct and transaction reporting issues. Topics covered in this issue include:

• Transaction reporting – Investment firms are reminded to access the FCA’s Market Data Processor (MDP) Entity Portal to make a transaction reporting data extract request. This data should be used by firms to conduct reconciliation and ensure that their transaction reports are complete and accurate. Firms not making regular requests are reminded that this is a requirement under Article 15(3) of RTS 22.
• National Identifiers – Firms should ensure transactions are not executed for clients (including retail clients) until an identifier has been subject to internal review and validation. This should include checking that the format of the identifier conforms to the standard outlined in the ESMA Q&A on MiFIR data reporting.
• Principal Firms and ARs – For transaction reporting purposes, when a transaction is executed by an AR providing the investment service of reception and transmission for a principal firm that is subject to transaction reporting obligations, the principal firm should be identified in applicable fields (such as the Executing Entity field), not the AR.
• Instrument Reference Data – Trading venues and SIs should have arrangements in place to enable them to identify incomplete or inaccurate instrument reference data. These firms are reminded that, where a trading venue or SI identifies incomplete or inaccurate instrument reference data in its submissions, the FCA expects to be notified promptly.

On 3 October 2022, the FCA released Consultation Paper CP22/19 on the creation of a baseline financial resilience regulatory return for solo regulated firms. The FCA is proposing to replace the FCA Financial Resilience Survey with a regulatory return to reduce the administrative and financial burden for firms.

The new return will be referred to as FIN073 and will be collected through the FCA’s data collection platform, RegData. The FCA proposes to reduce the firms in scope by removing over 3,000 MIFIDPRU investment firms from this requirement, as the regulator believes reporting under MIFIDPRU already provides it with the baseline level of financial resilience data it needs.

Waystone Compliance Solutions (UK) Limited can offer assistance with RegData filings, whether you need advice or support in completing your RegData filings. Please contact us for more information.

On 5 October 2022, the FCA published a webpage titled “Consumer Duty – information for firms”. The webpage aims to provide guidance on certain aspects of the Consumer Duty implementation, following queries received by the industry. The website includes information on the following topics:

• Implementation plans – The FCA does not expect firms to have necessarily fully scoped all work required to embed the Duty by 31 October deadline. Instead, it expects implementation plans to be sufficiently developed to provide assurance to its board and the regulator that the expectations set out in the Duty have been carefully considered.
• Consumer Duty Board champions – the champion should be appointed at governing body level, ideally an INED. Consumer Duty championing will not become a prescribed responsibility under the Senior Managers & Certification Regime (SM&CR). The FCA reminds firms that the Board champion is not an executive role and is not responsible for the firm’s implementation of the Consumer Duty.

Waystone Compliance Solutions has prepared a comprehensive series of Regulatory Guides that will steer you through the complexity of the Consumer Duty. Please contact us for more information.

On 21 October 2022, there was published on the Bank of England’s website a Dear CEO letter to PRA-regulated firms from Deputy Governor for Prudential Regulation Sam Woods. The letter, titled “Thematic feedback on the PRA’s supervision of climate-related financial risk and the Bank of England’s Climate Biennial Exploratory Scenario exercise”, provides a summary of capabilities which PRA-regulated firms are expected to be able to demonstrate on approaches to managing climate risks.

These expectations relate to the PRA’s Supervisory Statement SS3/19, which detailed its supervisory expectations for firms’ management of climate-related financial risks (climate risks).

The PRA expectations for firms cover, inter alia, the following areas:

• Board Oversight – executives should be able to demonstrate how their firm is integrating climate considerations into their business strategies, planning, governance structures, and risk management processes.
• Risk Management – firms should have embedded an appropriate understanding of climate risk within their Risk Management Framework (RMF), Risk Appetite Statement (RAS), committee structures, and three lines of defence, using both qualitative and quantitative measures. Firms should also have integrated climate related risk in their risk models, counterparty engagement strategies and capital adequacy assessment methodologies, including stress tests and scenario analysis.

In the letter, the PRA states that firms are generally choosing to set out their primary climate risk disclosures in their Annual Report or a standalone climate report. The PRA reminds firms that financial risk should be primarily disclosed in ‘mainstream filings’, such as Pillar 3 and Solvency and Financial Condition Report (SFCR) disclosures, as per Taskforce on Climate-related Financial Disclosures (TCFD) recommendations.

The PRA concludes the letter by listing Resources to assist firms in embedding the SS3/19 expectations. These include clarifying documents issued by the PRA, industry guidance provided by the Climate Financial Risk Forum (CFRF), and guidance published by a number of standard-setting bodies, such as: the Basel Committee on Banking Supervision (BCBS); the joint Sustainable Insurance Forum (SIF); the International Association of Insurance Supervisors (IAIS); and, the Network for Greening the Financial System (NGFS).

Waystone Compliance Solutions is helping clients manage PRA expectations. To discuss how we can help you, please contact us.

On 27 October 2022, ESMA announced that it is changing its Union Strategic Supervisory Priorities (USSPs) to include ESG disclosures alongside market data quality. ESG disclosures will take the place of Cost and Performance as one of the two strategic priorities for National Competent Authorities (NCAs).

ESMA identifies supervisory priorities to address key market risks impacting Member States and coordinates supervisory action with NCAs on specific topics, the aim being to provide a structured and comprehensive response to such key risks. National Competent Authorities take these priorities into account when drawing up their work programmes.

With this change, ESMA aims to tackle greenwashing and foster transparency and comprehensibility of ESG disclosures across key segments of the sustainable finance value chain such as issuers, investment managers or investment firms.

Waystone Compliance Solutions is helping clients navigate ESG regulation around the world, including the operational implementation and oversight of ESG processes. To discuss how we can help you, please contact us.

On 17 October 2022, the Financial Stability Board (FSB) issued a Consultative Document titled “Achieving Greater Convergence in Cyber Incident Reporting”. The FSB is an international body that monitors and makes recommendations about the global financial system, aimed coordinating national financial authorities and international standard-setting bodies.

In its Consultation Document, the FSB explains that growing interconnectedness of the financial system increases the likelihood of a cyber incident at one financial institution having spill-over effects across borders and sectors. The FSB considers timely and accurate information on cyber incidents to be crucial for effective incident response and recovery and for promoting financial stability. The Consultative Document:

• Sets out recommendations to address impediments to achieving greater convergence in cyber incident reporting with a view to promote better practices;
• Advances work to develop common terminologies around cyber; and
• Proposes the development of a Format for Incident Reporting Exchange (FIRE) to promote convergence, address operational challenges arising from reporting to multiple authorities and foster better communication.

The FSB is inviting feedback on this consultative document. Responses to the questions set out in the report should be sent to the FSB by 31 December 2022.

Waystone Compliance Solutions is dedicated to delivering the highest quality of information security and data protection advisory and support services to its clients. Please visit our Cyber & Data Protection webpage for more information.

On 14 October 2022, there was published on the FCA’s website a press release on the regulator’s decision to impose on Gatehouse Bank Plc, a Shariah-compliant bank, a civil penalty of £1,584,100 for significant weakness in its financial crime systems and controls.

The FCA has found that between June 2014 and July 2017 the bank failed, amongst other things, to:

• Conduct sufficient checks on its customers based in countries with a higher risk of money laundering and terrorist financing; and
• Undertake the correct checks when some of the customers were classed as Politically Exposed Persons (PEPs).

In one example that raised concerns for the regulator, Gatehouse set up an account for a company based in Kuwait for the purposes of pooling a number of the company’s customers’ funds for a prospective real estate investment.

Gatehouse required the company in Kuwait to carry out customer due diligence (CDD) on the investors but failed to take steps to verify the quality of this information. As a result, over a two-year period, Gatehouse accepted US$62,000,000 into the account without collecting information about customers’ source of wealth and source of funds, failing to properly vet the funds for financial crime risks.

Since then, Gatehouse has implemented a new suite of AML and financial crime prevention related policies and procedures, taking significant steps to improve its financial crime systems and controls.

In the UK, non-compliance with AML and CTF regulation can lead to an unlimited fine and 14 years imprisonment. Please contact us if you wish to consider an independent review of your AML and CTF systems and controls.

On 6 October 2022, the FCA issued a press release stating that it has fined Sigma Broking Limited (Sigma) £531,000 for failing to make reports crucial in fighting potential market abuse. Three former directors of the firm have been fined amounts totalling over £200,000, two of whom have also been prohibited from holding senior positions in financial services.

In its final notice, the FCA states that, in the period from 1 December 2014 to 12 August 2016, Sigma failed to identify and address serious and systemic failures in relation to Sigma’s market abuse systems and controls and transaction reporting obligations in respect of its contracts for difference (“CFDs”) desk.

SUP 15.10.2R and Article 16 (2) EU MAR required firms executing transactions to establish and maintain effective arrangements, systems and procedures to detect and report suspicious orders and transactions. During the period under review, Sigma did not put in place adequate policies or procedures or deliver training to enable staff to identify and escalate suspicious transactions, failing to report a single STOR to the FCA.

Furthermore, Sigma’s governing body failed to take fundamental steps, such as holding regular board meetings where directors were provided with adequate management information and ensuring the Board’s decisions were recorded by written minutes, to enable it to perform its governance role effectively. For example, the Board did not receive any formal written reports from the Compliance Oversight function or the MLRO on matters relating to their areas of oversight.

Other failings emerging from the FCA investigation include:

• Brokers on the CFD desk had Power of Attorney (“PoA”) arrangements with clients, which were neither declared as a conflict of interest, nor monitored by compliance.
• Brokers on the CFD desk were not paid a salary, but instead were entitled to up to 60% of the net revenue generated by their clients as commission. Conflicts of interest related to this practice had neither been recognised or mitigated.
• Sigma filed to validate the accuracy and completeness of its transaction reports to the FCA by performing regular end-to-end transaction reconciliations. To help check reports have been successfully submitted to the FCA, firms can request a sample of their transaction reports using the FCA’s MDP Entity Portal. During the Relevant Period, Sigma did not make use of this facility.

For advice or an independent review of your market abuse systems and controls, please contact us.