FinTech Global Regulatory Round-up – w/e 4 March 2022

BoE updates technical resources for ISO 20022 migration

The Bank of England (BoE) has updated its webpage Technical resources for the migration to ISO 20022 with news that it has published a revised Truncation Risk Remedial Framework, including a revised Memorandum of Understanding (MoU) between CHAPS Direct Participants alongside Whitelabel Communications and Technical Guidance. The revisions reflect the updated timetable and approach to ISO 20022 migration. The documents aim to mitigate the limited risk of data truncation in CHAPS that will occur between November 2022 and April 2023. [4 Mar 2022]

#ISO20022

FCA: Consumer investments data review

The FCA has published the data in relation to its consumer investments data review for the period from April to September 2021. During this period, the FCA received 16,400 enquires about possible scams, up nearly a third from the same period in 2020. The top types of scams being reported to the FCA included cryptoasset, boiler room and recovery room scams. The FCA has also revealed that over six months, it opened over 300 cases relating to possible cryptoasset businesses not registered with the FCA, many of which may be scams, and that it has 50 live investigations, including criminal probes, into unauthorised businesses. [3 Mar 2022]

FCA: SCA reauthentication exemption

The FCA has updated its webpage on Strong Consumer Authentication (SCA) to include a new section on the SCA reauthentication exemption. In Policy Statement 21/19 (PS 21/19), the FCA introduced a number of changes to the Regulatory Technical Standards (RTS) on SCA and Secure Communications (SCA-RTS). This included a new exemption, under Article 10A, which – if adopted by account servicing payment service providers (ASPSPs) – will mean customers will not need to reauthenticate when they access their account information through a third party provider (TPP). Instead, TPPs will be required to obtain explicit consent from customers at least every 90 days.

The FCA is encouraging ASPSPs to apply the exemption as soon as possible once it comes into effect on 26 March 2022, with a view to widespread adoption by 30 September 2022. The FCA expects TPPs to be technically ready to reconfirm customer consent under Article 36(6) of the SCA-RTS as soon as possible after 26 March 2022. However, up to 30 September 2022, the FCA will not object if TPPs do not reconfirm customer consent, provided that SCA is applied at least every 90 days during that period. [2 Mar 2022]

#SCA

PRA: Speech by Charlotte Gerken on 2022 insurance supervisory priorities

The PRA has published a speech by Charlotte Gerken, Executive Director, Insurance Directorate, in which she comments on selected themes from the PRA's letter of 12 January which set out its supervisory priorities for the insurance sector in 2022 – climate change; diversity and inclusion (D&I); operational resilience; and the operation of non-EU banks in the UK. Ms Gerken's remarks included confirming a number of ongoing and forthcoming PRA activities, including that: the PRA will publish a report on the Climate Biennial Exploratory Scenario (CBES) in May; the PRA continues to explore whether there are changes needed to the current capital framework to appropriately capture climate risk; and, in further development of the operational resilience agenda, the PRA and FCA will launch a joint discussion paper in 2022 on how financial regulators can address the risks posed by critical third parties. [2 Mar 2022]

ASA: Ruling on Floki Inu cryptocurrency advertisement

The Advertising Standards Authority (ASA) has published a ruling upholding two investigated issues caused by an advertisement by Floki Inu, a cryptocurrency. The ASA found that the advertisement was irresponsible because:

• the use of an image of a cartoon dog wearing a Viking helmet and the claim 'Missed Doge. Get Floki', exploited consumers' fears of missing out and trivialised investment in cryptocurrency; and
• it took advantage of consumers' inexperience or credulity.

The advertisement, therefore, breached rules 1.3 (social responsibility) and 14.1 (financial products) of the Committee of Advertising Practice (CAP) Code (Edition 12) and the ASA Council ruled the advertisement must not appear again in the form complained about. [2 Mar 2022]

DIT: UK and New Zealand sign new comprehensive free trade deal

The Department for International Trade (DIT) has announced that the UK and New Zealand have signed a new comprehensive free trade deal.

The texts of the Free Trade Agreement (draft explanatory memorandum) and associated documents are available here. The Financial Services Chapter includes commitments to facilitate cross-border financial services trade – including for the insurance and asset management sectors, ensures free flow of financial data across borders, promotes innovation in financial services in both countries and supports the promotion of sustainable finance.

The agreement is not yet in force. Both the UK and New Zealand are required to complete their respective domestic procedures for the agreement to come into effect. Once approved by both parliaments, businesses will be able to trade under its terms. [28 Feb 2022]

ASIC's corporate governance priorities and the year ahead

The Australian Securities & Investments Commission (ASIC) Chair Joe Longo has delivered a speech setting out ASIC's corporate governance priorities and the year ahead.

ASIC's priorities for this year include:

• working with other regulators, industry and social media platforms to combat and disrupt financial scams;
• addressing the deceptive promotion of riskier asset classes, such as crypto;
• disrupting investment 'gamification' on digital platforms;
• protecting financially vulnerable consumers impacted by predatory lending practices or high-cost credit;
• addressing misleading and deceptive conduct relating to investment products, including advertising through digital means that obscures the risk; and
• ensuring that consumers receive the benefits of the new design and distribution obligations.

The issues which ASIC is focusing on with regard to corporate governance include:

• governance failures relating to non-financial risk that result in significant harm to consumers and investors;
• cyber governance and resilience failures; and
• egregious governance failures or misconduct resulting in corporate collapse.

Mr Longo also discussed cyber risk, climate-change disclosure for listed companies, digital transformation, and, regulatory efficiency and streamlining ASIC's interactions with the regulated population. [3 Mar 2022]

#Digital

#CyberRisk

ASIC: ACSC encourages Australian organisations to urgently adopt an enhanced cyber security position

In a press release, ASIC highlighted that all ASIC-regulated entities should adopt an enhanced cyber security position in accordance with an alert from the Australian Cyber Security Centre (ACSC).

These steps should include:

• reviewing and enhancing detection, mitigation, and response measures;
• ensuring that logging and detection systems are fully updated and functioning;
• applying additional monitoring to networks where required;
• assessing preparedness to respond to any cyber security incidents; and
• reviewing incident response and business continuity plans.

ASIC stated it expects all boards, senior management, licensees and other regulated entities to pay heightened attention to their entity's exposure and progress on timely mitigation. Additionally, boards, senior management, licensees and other regulated entities should consider where they have an obligation to report breaches to ASIC or other government agencies, and also where disclosure to the market or in financial reports may be necessary. [1 Mar 2022]

MAS response to COS – Retail CBDC in Singapore

MAS has published its response to the Committee of Supply 2022 (COS) regarding a digital Sing dollar. MAS noted that it has been among the central banks 'at the forefront of experiments with central bank digital currencies (CBDCs), especially wholesale CBDCs'. However, in common with central banks in a number of other jurisdictions, MAS determined that the case for a retail CBDC for Singapore is 'not compelling' at this point in time. Explaining this decision, MAS commented that, while financial inclusion and payments efficiencies are frequently cited as reasons in support of introducing retail CBDCs, financial inclusion is 'not a significant problem in Singapore' and payments are 'pervasive, seamless and efficient'.

However, MAS said that it has not ruled out introducing a retail CBDC at some point in the future, and it continues to develop relevant capabilities in the CBDC space. [2 Mar 2022]

SECT amended regulations effective – custody of clients' digital assets

The Securities and Exchange Commission, Thailand (SECT) has announced that amended regulations on the custody of clients' assets in digital asset businesses became effective on 1 March 2022.  The amendments are intended to enhance investor protection. [2 Mar 2022]

Cryptocurrency Company Founder Indicted in Global $2.4 Billion Cryptocurrency Scheme

The Department of Justice (DoJ) has announced that a federal grand jury in San Diego returned an indictment charging the founder of a cryptocurrency company with orchestrating a global ponzi scheme. The company is an alleged fraudulent cryptocurrency investment platform that reached a peak market capitalization of $3.4 billion. According to court documents, the founder of the company misled investors about the company's "lending program." Under this program, the defendant and his co-conspirators touted the company's purported proprietary technology as being able to generate substantial profits and guaranteed returns by using investors' money to trade on the volatility of cryptocurrency exchange markets. As alleged in the indictment, however, the company operated as a ponzi scheme by paying earlier investors with money from later investors. In total, the defendants obtained approximately $2.4 billion from investors. [25 Feb 2022]