Regulatory Update: UK Edition – September 2023

On 1 September 2023, the FCA published Consultation Paper 23/18 Quarterly Consultation No. 41

The FCA is proposing to make change to ICOBS 8 Annex 1 to simplify the ERN matching requirements and to make changes to SUP 12.4.10AR to clarify its interaction with MIPRU 3.2.

The deadline for responding to CP23/18 closed on 9 October 2023.

On 5 September 2023, the Financial Services Consumer Panel (FSCP) published a final report: Financial Services firms’ personal data use – is this leading to bias and detriment for consumers with protected characteristics?

The report makes the following key findings:

• it is widely assumed by experts interviewed in the field, and noted in published literature, that some groups of consumers are experiencing bias and detriment, relating to their protected characteristics, due to the way in which financial firms are using personal data and algorithms
• despite strong anecdotal evidence, categorically evidencing that algorithmic decision-making is the cause of bias is challenging because systems are opaque, making it difficult for third parties to truly understand what is happening ‘behind the scenes’
• there are important debates to be had about where to draw the line in terms of ethical use of personal data to make risk-based decisions – in terms of what is/isn’t fair, reasonable or proportionate
• evidence and experts note the critical role that regulation will have in addressing the issues and concerns raised about the use of personal data and algorithms and call for greater pressure on firms to have oversight of personal data and AI they use, including increasing the onus on firms to evidence that the tools they use to determine access, price and service of their products do not cause bias, as opposed to seeking evidence that they do
• whilst the Consumer Duty is an important part of the conversation in securing ‘good outcomes’ for consumers, experts want to see the FCA directly address algorithmic decision-making as part of this, as opposed to make assumptions as to how the implementation of the Consumer Duty would cover the use of personal data and algorithmic decision-making.

On 6 September 2023, the FCA published a speech by Sarah Pritchard, Executive Director of Markets, and Executive Director of International delivered at the Financial Crime Summit 2023. Highlights include:

• fighting financial crime is about upholding the FCA’s standards and boosting the UK’s competitiveness
• firms should calibrate their financial crime fighting systems to the right risk level – whether that be high or low – and expect spot checks by the FCA -the FCA’ssanctions update identifies good and bad practice
• Domestic Politically Exposed Persons (PEPs) should generally be treated as a lower risk, and the FCA will act if it sees firms persistently acting disproportionately
• the FCA will increase its focus on whistleblowing in high-risk sectors and expect first line of defence employees to raise awareness of the process and benefits of whistleblowing for organisations and wider society andthe FCA will be testing how effectively these messages have been shared and will identify best practice across the industry.

On 7 September, the FCA published a letter on firms’ preparations to comply with the cryptoasset financial promotions regime and modification to financial promotion rules. It references Policy Statement PS23/6, which sets out rules on financial promotions for cryptoassets coming into effect from 8 October 2023.

The letter is addressed to all firms that the FCA is aware of that intend to communicate or approve cryptoasset financial promotions. The letter is also relevant to any other firm that is involved in communicating or approving cryptoasset financial promotions to UK consumers or is likely to do so in the future.

The FCA met with various cryptoasset firms to understand their preparations. Their key findings include:

• most firms have faced significant challenges in preparing for the financial promotions’ regime
• firms in global group structures are having to make significant changes to their business models to comply with the regime
• firms have under appreciated the broad scope and nature of the financial promotion regime
• firms were not sufficiently considering how certain rules apply to the specifics of the cryptoasset services they provide.

All firms intending to communicate or approve cryptoasset financial promotions should carefully consider the letter and the detailed feedback on good and poor practices as part of their implementation plans. Firms should also consider the material set out in the FCA’s guidance consultations GC23/1 ‘Guidance on cryptoasset financial promotions’ and GC23/2 ‘Financial promotions on social media’.

On 12 September 2023, the FCA published Policy Statement 23/13: Introducing a gateway for firms who approve financial promotions.

This policy statement supports legislative changes by the Government within the Financial Services and Markets Act 2023. Once the new gateway comes into effect, all authorised persons that want to continue to approve financial promotions for unauthorised persons will need to apply to the FCA for permission to do so (subject to certain exemptions).

The FCA has made several targeted changes to its proposals for implementing this gateway in response to consultation feedback. The finalised approach, set out in the policy statement, includes:

• how the FCA will assess applicants at the gateway and the basis for granting or refusing applications
• reporting requirements for firms that are granted permission to approve financial promotions
• not extending the compulsory jurisdiction of the Financial Ombudsman Service to the approval of financial promotions
• updates to the FCA’s non-Handbook guidance for firms that approve financial promotions for investments
• a review of the approach within 24 months of the rules coming into force.

This new regime will affect authorised persons who approve, or intend to approve, financial promotions for unauthorised persons. It will not affect authorised persons that only approve their own financial promotions for communication by an unauthorised person, the financial promotions of their appointed representatives (ARs) for the regulated activities they have accepted responsibility for, or the financial promotions of unauthorised persons within their corporate group.

The FCA intend for firms to be able to submit applications for permission to approve financial promotions from 6 November 2023. The initial application period will close on 6 February 2024, and on the following day, 7 February 2024, the new legislation will be implemented and firms that have not applied to the gateway will no longer be able to approve financial promotions (subject to exemptions).

The FCA also published a webpage: Applying to approve financial promotions for unauthorised persons

On 25 September 2023, the FCA published Consultation Paper 23/20: Diversity and inclusion in the financial sector – working together to drive change. The PRA has also published its own proposals, which are intended to be consistent and coordinated with the FCA’s consultation.

The consultation sets out proposals to better integrate non-financial misconduct (NFM) considerations into staff fitness and propriety assessments, Conduct Rules and the suitability criteria for firms to operate in the financial sector (Threshold Conditions).

The FCA also propose to require certain firms to:

• report their average number of employees to the FCA on an annual basis
• collect, report and disclose certain D&I data
• establish, implement and maintain a D&I strategy
• determine and set appropriate diversity targets.

The proposals would apply differently to firms depending on their number of employees, their categorisation under the Senior Managers and Certification Regime (SM&CR), and whether they are dual regulated. Smaller firms with fewer than 251 employees would be exempt from many of the requirements.

A sample template of the report is available and there are further guidance notes in Annex 4 of the Consultation Paper.

The specific outcomes the FCA is looking to achieve are:

• healthier firm cultures
• reduced groupthink
• new talent unlocked
• greater understanding of, and provision for, diverse consumer needs.

The consultation closes on 18 December 2023 and the FCA will review the feedback and develop final regulatory requirements for publication in a Policy Statement in 2024. The FCA proposes that the rules on disclosure will come into force 12 months after the final rules are published.

On 27 September 2023, the FCA published its findings on its review of how firms offering restricted mass market investments (RMMIs) have complied with new rules on the customer journey. The FCA identifies the following examples of good and poor practice for the wider sector to consider and make any necessary changes to their own practices.

Incentives to invest

The rules prohibit firms from communicating or approving a financial promotion which offers any monetary or non-monetary incentive to invest in high risk Investments. For example, offering referral bonuses, free gifts or cashback to consumers for investing.

Examples of good practice include having strong processes for oversight of any investor benefits which are exempt to ensure that they are limited to products or services that are genuinely produced or provided by the investee firm.

Examples of poor practice include not properly considering the full range of incentives offered by the firm against the ban, particularly those that are not paid immediately on sign up or that don’t require a consumer to invest to qualify.

Cooling-off period

Firms must include a cooling-off period for new consumers who request to see a direct offer of financial promotion.

Examples of good practice include:

• giving clear information that there is a cooling-off period, and the reason for the cooling-off period
• giving clear information once the cooling-off period has ended
• blocking the consumer from being able to view investment opportunities during the cooling-off period to allow consumers to make a considered decision on whether to proceed

Examples of poor practice include:

• not giving consumers the express option to proceed with or leave the investment journey at the end of the cooling-off period
• giving greater prominence to the option to proceed with the consumer journey, compared to the option to leave
• having inconsistent cooling-off arrangements across different communication channels,for example, options communicated by email differ from those displayed online
• requiring consumers to take additional steps to leave the investment journey compared to proceeding with it, for example, being required to provide further confirmation to leave the journey (such as an ‘are you sure?’ question) but not to proceed with it.

Risk warnings

Firms should ensure that they give a personalised risk warning at the required point in the onboarding journey.

Examples of good practice include:

• including additional warnings at points in the journey where the firm felt it would aid consumer understanding of the risks
• firms offering multiple RMMIs have altered their risk summary appropriately for their products -where the products are significantly different, the firm gives different risk summaries for each product type.

Examples of poor practice include:

• changing the wording of the risk warnings to deviate from the wording prescribed in the rules
• the risk warnings not meeting prominence requirements or including design features that reduce the prominence of the risk warnings.

Categorisation

Most of the firms reviewed had implemented a robust process for ensuring consumers were able to self-categorise appropriately and provided correctly worded categorisation statements. Firms should not ignore information from the consumer suggesting that they may be incorrectly categorised.

Examples of good practice include:

• using additional resources such as Companies House or the FCA Register to verify information provided by consumers self-categorising as sophisticated
• providing additional tools to help consumers understand and calculate their net worth
• where consumers do not meet the criteria of the available categories, informing them that the RMMI is likely to not be appropriate for them and to consider seeking financial advice.

Examples of poor practice include:

• consumers who indicate they do not meet the criteria for any of the available categories are invited to repeat the categorisation, rather than being informed that the investment is probably not appropriate for them
• pushing or leading consumers through the categorisation process by suggesting responses that meet the criteria of the category instead of allowing the consumer to volunteer the information
• pre-categorising consumers by assuming a category based on information already given to the firm and immediately placing the consumer into this category
• re-naming the categories or describing the categories in a way that downplays the risks of investing.

Appropriateness

The FCA’s rules are not prescriptive about how the appropriateness assessment should be conducted and, as a result, firms had adopted a wide variety of different approaches.

Examples of good practice include:

• approaching the design of the assessment holistically with its overall purpose in mind – ensuring the assessment delivers a fair and objective outcome
• where the firm has altered the risk summary to be more suitable for the RMMI offered, the topics of these alterations are covered in the assessment
• where the firm has amended the risk summary to include specific features of the RMMIs offered by the firm, the appropriateness assessment includes questions that cover these features
• re-assessing consumers who registered with the firm before 1 February 2023 but have not yet invested in the RMMI
• giving consumers access to relevant resources to be able to research and understand the products and risks
• having a limit on the number of times a consumer can ultimately attempt the assessment before being told that the RMMI is likely to be inappropriate for them.

Examples of poor practice include:

• asking leading or simplistic questions that direct the consumer to the correct answer
• assessments that do not cover all appropriate points outlined in the relevant COBS 10 Annex, or aspects of the RMMI that the firm has added to the risk summary
• where the assessment questions are selected randomly from a bank of questions, not ensuring that all relevant topics are covered in every iteration of the assessment
• after two failed assessments not including at least a 24-hour cooling off period after every subsequent assessment
• where the assessment does not require all questions to be answered correctly, the consumer is able to incorrectly answer questions that fundamentally show that the RMMI as not appropriate for them, yet they are able to pass the assessment
• the consumer is able to reasonably infer the correct answer to the question
• firms not having robust processes in place for consumers who contact the firm to request answers to the assessment questions or to circumvent any lock outs
• staff are inadequately trained to consistently and robustly review assessments where the firm must manually score them.

On 28 September 2023, the FCA published information on improving the appointed representatives regime through greater use of data.

The publication includes data from the FCA’s 2021 and 2022 data requests sent to principal firms and authorisation information collected from firms. It also outlines how the FCA is improving the Appointed Representatives’ regime (AR regime) and what it expects from firms.

Currently, there are around 2,900 principals with approximately 35,000 ARs. Around 14,000 are Introducer ARs (IARs). IARs are ARs who can only undertake limited activities (making introductions and distributing financial promotions) on behalf of the principal.

In asset management and alternatives portfolios the FCA has seen ARs seconded as investment advisers to funds managed by the principal or a connected firm.

This secondment model is used by firms in the wholesale and consumer investments sectors. The model involves individuals employed by ARs being seconded to the principal firm, therefore allowing those individuals to carry out regulated activities that the ARs themselves may not be allowed to undertake. For example, the model has led to the emergence of ARs marketing themselves as investment managers, wealth managers and stockbrokers, despite ARs expressly being forbidden from carrying out these activities under the FCA’s current rules.

The FCA’s review of principal firms in the investment management sector highlighted that principal firms were not always identifying and managing inherent conflicts of interest. There was evidence that some firms hadn’t put in place appropriate control and risk management frameworks, including people with sufficient expertise, to oversee the alternative investment funds (AIFs) and the activities of the seconded portfolio managers. The FCA has concerns about this hosting model and will continue to assess the risks associated with it.

There were 4 skilled persons reviews on principal firms in the asset management and alternatives portfolios were ongoing across the year ending 31 March 2023. These reviews focus on testing governance and systems and controls, including recruiting and monitoring ARs.

The new rules clarify and strengthen the FCA’s expectations on principals’ oversight of ARs, including making sure they have adequate systems, controls and resources.

Principal firms should make sure they are complying with the new rules and are ready for changes – see Policy Statement for details.

Overview of new rules:

• Enhanced oversight requirements:apply enhanced oversight of ARs, including ensuring having adequate systems, controls, and resources.
• Annual self-assessment:prepare a single document demonstrating compliance with obligations as a principal, identifying any risks and gaps. The firm’s governing body should review and sign off this document at least annually.
• Annual review of AR’s activities and business:annually review information on the ARs’ activities and business, including the fitness and propriety of senior management, the ARs’ financial position and the adequacy of the principal’s controls and resources to effectively oversee the AR.
• Review oversight approach: principals should review whether their oversight remains appropriate in certain situations, for example, where the size or volume of the AR business involving regulated activity increases significantly in a short period of time.
• Notification of planned AR appointments:notify the FCA of an intended AR appointment 30 calendar days before it takes effect. The new forms gather more detailed information.
• Annual reporting:provide complaints and revenue information for each AR to the FCA on an annual basis and confirm AR details are correct as part of annual attestation.

On 28 September 2023, the FCA published A Dear CEO letter on its strategy for corporate finance firms, which states the following priorities:

• Client categorisation:it will undertake targeted reviews of firms’ client categorisation practices to ensure their processes are effective and follow procedures for the quantitative and qualitative tests required under COBS 3.5. It will ask firms to provide evidence of compliance with COBS 3.5.3R, which sets out the requirements for a firm to treat a client as elective professional; of particular concern is where COBS 3.5.3R(3) is not followed, as in such cases the firm does not have evidence that the client wishes to be treated as professional and understands the protections and rights they may lose. The FCA will challenge firms where we are not satisfied that retail clients are appropriately categorised or where they are not satisfied that they have the right customer type permissions for their business model.
• The Consumer Duty: the FCA’s initial focus will be on firms with retail clients. Where firms have retail clients and have not considered the Duty or considers that it is not impacted by the Duty, the FCA will ask them to explain their rationale and approach. The FCA may ask to see relevant analysis about how the Duty applies and the firm’s approach to complying with the rules. Where firms fail to comply with the Duty, it will also hold senior management to account.
• Dealing with problem firms: the FCA will contact firms that do not appear to be using their regulatory permissions to understand why they need them and will invite firms to vary or cancel their permissions where appropriate. Where firms do not do so voluntarily, the FCA will use its powers to remove firms’ unused permissions and prevent firms from misleading consumers. The FCA expects Corporate Finance Firms to have the corporate finance business limitation to their designated investment business or retail customer type permissions if this reflects the firm’s business model. The FCA will be inviting firms that its thinksshould but do not have this limitation to vary their permissions accordingly.
• Market abuse: The FCA has been conducting reviews of firms’ systems and controls to comply with certain aspects of UK MAR, their PAD policies and conflicts of interest obligations. Typically, the FCA focuses on their design and operational effectiveness in selected transactions. In these reviews, it seeks to understand the firm’s role in the transactions and the firm’s systems, controls, policies and procedures both generally and in relation to the transactions. It is particularly interested in understanding the firm’s approach to the creation and maintenance of insider lists, the maintenance of access logs, wall crossings, and the carrying out of market soundings. Depending on its observations, it may extend the scope of its review to the firm’s compliance and governance arrangements. The regulator expects compliance functions to be actively challenging and monitoring firms’ activities and to systematically escalate and inform senior management of issues in the area of market abuse, conflicts of interest and PAD.

By the end of November 2023, the FCA expects corporate finance firms to have discussed with their directors and Board the contents of this letter and to have agreed appropriate actions and next steps.

Waystone has prepared a template Review and Report that corporate finance firms may use when preparing their report to the board on the FCA’s Dear CEO Letter.  If you would like to discuss obtaining a copy of this template please contact us at [email protected].

On 28 September 2023, the FCA published a Dear CEO letter on its platforms portfolio strategy, which provides an update of the FCA’s view of the key harms in this sector, their expectations of platform providers and a summary of the work the FCA intends to do.

The letter identifies the following key harms:

• Fees and charges may not represent fair value, especially when looking at customers with different size investment pots and taking into regard platforms’ role in the distribution chain. Platform fees are also not properly disclosed, making it difficult for customers to have a clear understanding of what they are being charged. This also makes it harder for customers to make judgements on the value of the products and services they are paying for.
• Platform firms do not have sufficiently robust systems and controls to protect customers from loss of investment savings or personal data due to fraud and/or cyber-attacks.
• The average time it takes customers to transfer their investments and savings between platforms has improved for some firms in the portfolio, but more needs to be done to ensure average transfer times are shorter for all customers.
• Platform firms’ historic failure to conduct proper due diligence of non-standard assets (NSAs) has led to customers holding unsuitable high-risk investments. The FCA is concerned that firms are not properly acknowledging or accurately calculating their liabilities relating to NSAs, which could lead to delays in customer redress payments and increase the potential for firm failure.
• Customers lose access to platform services due to system outages or other operational resilience failures. This is of particular concern when platforms are undergoing significant IT upgrades or conducting re-platforming exercises.

Emerging risks of harm

• Where interest payments are accrued on customers’ cash balances held by firms, this should be carefully considered as part of fair value assessments and to ensure appropriate disclosure, especially in the current economic environment of higher interest rates. The FCA’s expectation is that firms deliver fair value to customers and support consumer understanding in line with the requirements of the Consumer Duty.
• The emerging trends in the market for executing investment transactions online by retail customers have seen the growth of online trading applications platforms (Trading Apps). The FCA’s recent focused studies found business practices akin to ‘gamification’, that overly encourage risky short term trading including brokerage deals that fail to deliver best value for customers. The FCA’s expectation is that firms should maintain controls and capabilities to understand and effectively monitor customers’ trading activities, ensure customers are adequately informed of relevant risks and protect customers from reckless trading and scams.

The FCA will target their supervisory focus over the next year and, going forward, on firms where there are indicators and/or evidence of failings relating to the obligations and expectations above. Firms can expect to be asked to demonstrate how they have taken this letter into account in the firm’s work plan. The FCA also expects to be informed proactively by firms if work done on the above points result in remedial action or identification of harm.

On 29 September 2023, the FCA published Handbook Notice 112, which includes changes to IFPR, through the Investment Firms Prudential Regime (Amendment) Instrument 2023.

Following consultation in CP23/14, the FCA Board has made changes to the Handbook sections listed below:

• MIFIDPRU 7.6
• MIFIDPRU 7.7
• MIFIDPRU 7.9,
• MIFIDPRU 9 Annex 1R,
• MIFIDPRU 9 Annex 2G.

This instrument makes changes to the FCA Handbook to clarify how to calculate the own funds threshold requirement and the liquid asset threshold requirement. The instrument also clarifies when a consolidated internal capital adequacy and risk assessment (ICARA) process may be required for an investment firm group and updates the ICARA questionnaire and the numbering of the MIF007 form. The changes are intended to strengthen firms’ understanding of the requirements and simplify the reporting process.

This instrument came into force on 29 September 2023.

On 19 September 2023, the Bank of England published a speech: Competitiveness and Growth: continuing the conversation by Victoria Saporta, given at the conference on the role of financial regulation in international competitiveness and economic growth held at Bank of England.

The new secondary Competitiveness and Growth Objective for the PRA is about harnessing the UK’s strengths as a global financial centre by strengthening the following three foundations:

• maintaining trust in the PRA and the UK prudential framework
• adopting effective regulatory processes and engagement
• adopting a responsive approach to UK risks and opportunities.

The PRA will publish its approach to prudential policy later this year, as well as its overall approach to metrics.

On 13 September 2023, the European Commission published an initiative that will amend the thresholds in the Accounting Directive for determining the size category of a company to account for the impact of inflation.

Since 2013, these size thresholds have remained unchanged. An increase will result in micro, small and medium-sized enterprises not being made subject to many EU financial and sustainability reporting provisions applicable to larger companies.

The initiative intends to adjust the size criteria by 25% to account for inflation as follows (before rounding up):

The feedback period ended on 6 October 2023.

On 5 September 2023, the FCA published the terms of reference (ToRs) for the review of the treatment of domestic politically exposed persons (PEPs).

The review will assess how firms are meeting the anti-money laundering (AML) legislation and the FCA’s guidance to conduct proportionate and risk-based due diligence on their clients.

The FCA are carrying out this review because of concerns that firms may not be treating customers individually as directed by both the legislation and FCA guidance.

This matters as individuals may find themselves excluded from products or services through no fault of their own. As well as potential unfairness, this also potentially harms the reputation of the UK’s financial services sector.

The review will seek input from UK PEPs, and their family members and known close associates. It will assess firms’ arrangements, to capture firms where there is intelligence that indicates concerns in their conduct with PEPs.

The FCA will take prompt action if it identifies any significant problems in the arrangements of any firm assessed and will share with HM Treasury the findings that may have bearing on the statutory framework.

The Findings will be published by 29 June 2024 and, if necessary, the FCA will initiate a consultation on revised guidance. This review is being conducted in compliance with Section 78 of the Financial Services and Markets Act 2023.

On 4 September 2023, the UK House of Commons debated the House of Lords’ amendments to the Economic Crime and Corporate Transparency Bill. The Bill introduces the failure to prevent fraud (FTPF) offence, which will make an organisation liable if it fails to prevent a specified fraud offence from being committed where:

• an employee or other associated person (e.g. a contractor, subsidiary or supplier) commits the fraud
• the fraud is intended to benefit the organisation or a person to whom services are provided on behalf of the organisation.

The Bill includes a defence where the organisation is able to demonstrate that it had “reasonable” procedures in place to prevent the fraud.

The offence applies to all “Large Companies” as defined – not just Authorised Persons.  A Large Company is one that meets two of the three following tests:

• turnover in the preceding financial year exceeds £36m
• balance sheet total in the preceding financial year exceeds £18m
• number of employees exceeds 250 in the preceding financial year.

It also captures entities if their Parent Undertaking meets these tests on an aggregate basis.

The Bill is currently at the “ping-pong” stage.  Before the offence comes into force the Home Office will be required to publish guidance to set out what would be considered reasonable fraud prevention procedures, clarifying the expectations on business.

On 6 September 2023, the FCA published its key findings from its assessments of sanctions systems and controls in financial services firms in their response to increased sanctions due to Russia’s invasion of Ukraine.

The FCA include examples of good practice and areas for improvement, to help firms deliver even greater compliance with sanctions, under the following themes:

Governance and oversight: firms that had taken advanced planning for possible sanctions before February 2022 were in a better position to implement UK sanctions at speed. The ability to monitor and review the effectiveness of sanctions implementation through management information (MI) is important, as is ensuring that sanctions reporting is calibrated to the UK regime. Some firms are still not able to show that they are providing senior management with sufficient information about their exposure to sanctions or are reliant on global sanctions policies which are not aligned with the UK sanctions regimes. In these cases, the FCA expects improvements to be made.

Skills and resources: sanctions teams need to be properly resourced to avoid backlogs in dealing with sanctions alerts and enable a quick reaction to sanctions risks. Some firms still lack adequate resources to ensure effective sanctions screening. Firms that have significant backlogs are at greater risk of non-compliance with sanctions obligations.

Screening capabilities: sanctions screening tools need to be adequately calibrated and include the necessary requirements under the UK regime. The FCA found that certain firms demonstrated their sanctions screening tools were properly calibrated. However, some firms showed poorly calibrated or tailored screening tools, with some firms also too reliant on third party providers with ineffective oversight over them. Screening tools, whether developed by firms or from third party providers, will be more effective if they are appropriate for the UK sanctions regime and calibrated to the risks faced by a firm.

Customer Due Diligence (CDD) and Know Your Customer (KYC) procedures: effective CDD and KYC are a cornerstone of effective compliance with sanctions requirements. The FCA found instances of low quality CDD and KYC assessments and backlogs. This can increase the risk of firms not identifying sanctioned individuals. For example, by a failure to identify connected parties or corporate structures that are sanctioned.

Reporting breaches to the FCA: the FCA expects firms to make timely and accurate reporting to it on potential sanctions breaches. The FCA found that the timeliness of reporting potential breaches or relevant sanctions information was inconsistent across firms.

The FCA expects firms to:

• consider the findings, evaluate their firm’s approach to identifying and assessing sanctions risks, and take action where appropriate
• read the FCA’s Financial Crime Guide(in particular Chapter 7) and SYSC 6.3 of the FCA Handbook, its Sanctions webpages, and the guidance produced by the Joint Money Laundering Steering Group (JMLSG).

Engage with the FCA in its testing of firms’ sanctions systems and controls, and report to it any significant deficiencies identified in such processes.

On 14 September 2023, the European Commission launched a targeted consultation (public bodies and stakeholders who are more familiar with the SFDR and the EU’s sustainable finance framework as a whole) and a public consultation (addressed to a broader range of stakeholders), to seek feedback on the Sustainable Finance Disclosure Regulation (SFDR). The SFDR, which has been in application since March 2021, sets out how financial intermediaries, such as asset managers, must communicate sustainability information to investors. It is designed to bring more transparency to the market and enable investors to make informed choices.

The consultation covers the following topics and respondents’ rate from 1 – 5 of how strongly they agree with the questions and statements:

1. Current requirements of the SFDR
2. Interaction with other sustainable finance legislation
3. Potential changes to the disclosure requirements for financial market participants
4. Potential establishment of a categorisation system for financial product

The consultation will run until 15 December.

On 28 September 2023, the European Supervisory Authorities (ESAs) published their second joint report on the extent of voluntary disclosure of principal adverse impacts (PAI) under the Sustainable Finance Disclosure Regulation. The report finds that:

• while there is still a significant variation in the extent of compliance with the disclosure requirements both across FMPs and jurisdictions, the results of this year’s survey show an overall improvement in the application of voluntary disclosures
• compared to last year, disclosures appear also easier and more straightforward to find on websites andthe ESAs found that an area that requires improvement is regarding the explanation of non-consideration of PAIs, where explanations are still not fully complete and satisfactory
• where PAIs are considered, the disclosures on the degree of alignment with the Paris Agreement are still vaguely formulated
• the area which will deserve further analysis in the future iterations of this report is the voluntary disclosures of PAI consideration by financial products, where the level of understanding of such disclosures is limited.

Next steps

The European Commission may want to consider the ESA’s findings and take them into account in the context of its comprehensive assessment on the functioning of the SFDR. Future iterations of this report will also include an assessment of the PAI disclosure template and on the disclosure of engagement policies, which began being utilised on 30 June 2023. However, it is important to note that the main purpose of the future iterations will remain an assessment of how widespread those disclosures have become and point at best practices.