In our first investment funds law newsletter for 2018, Matheson's Asset Management and Investment Funds Department would like to brief you on a number of recent developments and upcoming regulatory deadlines.

New Central Bank Filing Process for UCITS Risk Management Process Document

The Central Bank of Ireland ("Central Bank") has advised that draft UCITS Risk Management Process ("RMP") documents will no longer be reviewed by the Central Bank as part of the authorisation / application process.  This change in policy follows the Central Bank's thematic review in December 2015 of how effectively UCITS implement their RMPs, which also considered the Central Bank's review procedure.

UCITS must now complete an RMP application form to verify that all of the legislative and regulatory requirements relevant to the RMP are in place.  This form, together with the final signed RMP must be submitted by 12 noon on the proposed day of authorisation of the UCITS or, in the case of a sub-fund, on the day of approval of the sub-fund.

The Central Bank has advised that ad hoc reviews of individual RMPs will be carried out periodically to assess quality and compliance standards.  The RMP may also be subject to on-site inspection and the Central Bank has indicated that it may conduct further thematic reviews in this area.

This change applies with immediate effect and applies to UCITS which are currently in the application process.  We have been advised by the Central Bank that they are currently assessing the application process for retail investor alternative investment funds ("RIAIFs"), but the same RMP filing procedure is likely to apply and the Central Bank will communicate with industry shortly in relation to this.

Central Bank Letters regarding Brexit Planning

On 6 November 2017, the Central Bank wrote to fund boards and the boards of management companies setting out its expectations regarding Brexit planning.  The Central Bank "expects firms to be well-advanced in their strategic and contingency planning for Brexit, and to have assessed the impact in a number of potential scenarios, where the UK ceases to be a member of the EEA, including a hard Brexit".

In its letter, the Central Bank states that it expects that the board will "play a pivotal role in overseeing and directing" Brexit planning.  It is advised that boards give consideration to the impact of Brexit on the management company / fund's business model and operations, financial resources and legal and regulatory structures, including any additional regulatory approvals that may be required from the Central Bank.

The Central Bank has requested that the board's considerations regarding Brexit planning be documented by no later than 28 February 2018.  The Central Bank may request the information for review purposes.

Administrators and depositaries have received similar letters from the Central Bank requiring that contingency planning for Brexit be documented by the end of February.

The Central Bank has also written to firms with a PRISM rating of "Medium-Low", requiring such firms to submit a written response to the Central Bank regarding Brexit planning by 28 February 2018.

Central Bank Deadline for Annual PCF / CF Confirmations

The Central Bank's Fitness and Probity regime requires regulated financial service providers ("RFSPs") including UCITS management companies, AIFMs and self-managed / internally-managed UCITS / AIFs,  to obtain an annual confirmation from all persons performing a pre-approval controlled function ("PCF") or controlled function ("CF") that the relevant individual is aware of the Fitness and Probity Standards ("Standards"), they agree to comply with those Standards and will notify the RFSP if they no longer comply.  This ongoing performance monitoring requirement is set out in the Central Bank's Guidance on Fitness and Probity Standards, available here.

We have been advised that the filing deadline for investment funds and fund service providers for the annual PCF confirmation is 28 February 2018.

Central Bank Management Company Guidance Deadline

UCITS management companies and AIFMs of funds established prior to 30 June 2017 and self-managed UCITS and internally managed AIFs established prior to that date must comply in full with the Central Bank Guidance for Fund Management Companies 2016 (CP86) (the "Guidance") by 1 July 2018.

The Guidance sets out requirements relating to the streamlining of managerial functions to six managerial functions, the performance of the organisational effectiveness role, effective supervision and the retrievability of records, as well as guidance on delegate oversight and directors' time commitments with which all funds must already be compliant.  For further information on the Guidance, please see our briefing note.

Central Bank ETFs Conference

On 29 November 2017, the Central Bank hosted the "Exchange Traded Funds – Stability and Growth" conference.  The conference follows the publication of the Central Banks discussion paper on exchange traded funds ("ETFs") in May 2017, in which the Central Bank signalled its intention to lead an international exchange of views on ETFs.

The November conference was addressed by ETF industry representatives and international regulators, including the US Securities and Exchange Commission, the UK Financial Conduct Authority, the French Authorité des marches, the European Securities and Markets Authority and the International Organisation of Securities Commissions ("IOSCO").

IOSCO has stated that it will launch a review of the ETF industry in early 2018 with a view to making new recommendations that will strengthen the oversight of ETFs.  The Central Bank will work in conjunction with international regulatory bodies in respect of ETFs during 2018 and is expected to issue further publications in this area during the year.

Further information on the issues raised in the Central Bank's discussion paper on ETFs is available in our detailed briefing note.  Matheson was closely involved in the Irish Funds response to the Central Bank discussion paper.

Central Bank Publishes Third AML Bulletin on Discontinuance of a Business Relationship

In December 2017, the Central Bank published its third Anti-Money Laundering Bulletin.  The bulletin addresses the topic of the discontinuance of a business relationship where there is a failure to provide customer due diligence ("CDD") documentation or information.

The Central Bank has provided guidance for firms on how to deal with both new and existing customers where a firm is unable to identify and verify a customer's identity due to the failure of that customer to provide the necessary CDD documentation.  In such circumstances, firms are prohibited from providing any service or carrying out any transactions for that customer while the documentation remains outstanding.  The firm must also take action to discontinue the business relationship with the customer.  The Central Bank expects that firms will have remediation plans in place in order to obtain the outstanding documentation and / or information.  The Central Bank bulletin may be accessed here.

Central Bank Supervisory Priorities for 2018

In a speech delivered in November 2017, Mr Gerry Cross, Director of Policy and Risk at the Central bank, outlined the Central Bank's supervisory priorities for 2018.

Brexit: Mr Cross referred to the Central Bank's engagement with self-managed funds and fund management companies on Brexit preparedness, as referred to above.  He stated that firms relocating EU activities from UK based firms will remain a key focus and that the Central Bank will continue to adopt an approach of transparency, rigour and pragmatism in respect of Brexit related authorisation processes.

MiFID II Implementation:  The Central Bank has developed new analytics capabilities to enhance its surveillance of financial markets using both new data available and its increased regulatory powers.  As part of its surveillance strategy, Central Bank supervisors will be engaging with market operators and participants early in 2018 to assess and monitor MiFID II compliance.  The Central Bank will carry out targeted visits, full risk assessments and thematic reviews.

IT and Cyber Risk: The Central Bank's dedicated unit performing onsite IT inspections has an expanded remit beyond banks this year which will encompass fund firms.  Firms can expect to see a continued focus by the Central Bank on IT and cyber risk, including firm's resilience capabilities, business continuity and disaster recovery.

Outsourcing: Following on from the Central Bank's cross-sectoral survey on outsourcing in October 2017, the Central Bank is assessing the extent, nature, concentration and complexity of outsourcing arrangements and emerging trends.  Where the Central Bank identifies risks that are above its tolerance levels, firms can expect "enhanced engagement".  Examples of the risks that the Central Bank believes can arise from outsourcing are concentration risk, governance and oversight risk, contingency planning risk and "mind and management" risk.

FinTech: The Central Bank has set up a cross-bank FinTech Group, which will continue to look at technological innovation across the range of sectors and activities and seek to ensure that we have a holistic view of those developments and how the Central Bank is responding to them.

Conduct, behaviour and culture:  The Central Bank will enhance its focus on this area across all sectors, with a view to assessing how to improve accountability for cases of behaviour falling below expected standards.

Mr Cross's speech may be accessed here.

Are you GDPR Ready?

There are now just under four months until the General Data Protection Regulation applies on 25 May 2018.  The significant strengthening of data protection rules which is inherent in the GDPR, and in particular the sanctions that will apply, emphasise the need to ensure that each organisation has full insight into the data flows concerning investor and other personal data which it controls or processes.  Appropriate notifications, processing arrangements, transfer arrangements and security arrangements will need to be put in place to ensure the fundamental rights and freedoms of persons when processing their personal data.

The starting point for any GDPR compliance project is therefore an understanding of the "what, why, how and where" of current personal data processing by each organisation.  At a minimum, for funds and their various service providers, this will require a review in advance of 25 May 2018 of all subscription agreements, prospectus disclosures, website terms and service provider and data transfer agreements to enable both controllers and processors within each fund's universe to demonstrate compliance with their respective obligations under the GDPR.

A further consideration for fund firms is whether to appoint a data protection officer ("DPO") and how this consideration ought to be documented.  In relation to fund service providers, to avoid the risk of being deemed a data controller, service providers such as administrators will need to ensure that they do not process data outside the scope of the relevant contract.  Further information on the requirements of the GDPR is available in our detailed briefing note.

Appointment of New Matheson Asset Management Department Partner

The Asset Management Department is pleased to announce the appointment of Donal O'Byrne as a new partner to the firm as of 1 January 2018.  Donal has extensive experience advising a wide range of domestic and international clients in relation to the structuring, establishment, listing and distribution of Irish investment vehicles and fund products including UCITS, AIFs, ICAVs, managed account platforms, master feeder structures, fund of funds and other bespoke structures.  Donal is a member of the Irish funds industry association's Packaged Retail and Insurance-based Investment Products ("PRIIPs") Working Group.

Monterey Insight Ranks Matheson as Ireland's Leading Funds Practice for Seventh Year Running

Matheson's Asset Management and Investment Funds Department has been ranked by independent research as Ireland's leading practice by assets under management for the seventh year in a row. The Monterey Insight Ireland Fund Report 2017 report reveals that Matheson acts for 29% of Irish domiciled investment funds by assets under management as at 30 June 2017. Please see our press release for further information.

Horizon Scanning for Investment Funds 2018

Our horizon scanner outlines anticipated dates for legal and regulatory developments and deadlines impacting the asset management and investment funds industry in 2018.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.