For the time being, all financial regulation deriving from EU laws will remain in place and changes on the horizon will still need to be implemented. The primary difficulty facing the financial sector is uncertainty as what exit plans will be put forward by the UK's politicians. We highlight four issues which could impact on business models deployed in the sector starting with access to the single market.

Access to the single market - the passporting regime

The European single market permits the free movement of goods, persons, services and capital throughout the territories of EU member states. Three non-EU states (Norway, Iceland and Liechtenstein) are part of the single market by virtue of the European Economic Area agreement.

Financial services businesses authorised in one EEA state can provide certain cross-border services and advice or set up a branch in another EEA state by exercising passporting rights derived from EU Directives which are applicable to banks, insurers, payment services or e-money providers, fund and investment managers. The main benefit of the passporting system is to provide access to the European single market without undertaking the full authorisation process with each host country's financial regulator, having a physical presence or having to hold separate pools of capital in each jurisdiction. The passporting regime has been critical to the success of the UK financial services industry, enabling firms to establish their European business in the City or the UK's regions, employ skilled workers and export their services to the single market. The UK's Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) are home state regulator to many firms headquartered in the UK which passport their services into other EEA states.

Does Brexit threaten passporting?

Upon exiting the EU, the UK would cease to be part of the single market. A question therefore arises as to how UK authorised firms will be able to provide their services across the EU and also, whether firms headquartered outside of Europe will locate, or re-locate, their European operations to a non-UK EU member state (most likely Germany, Ireland or France) in order to retain passporting rights. Fears of a mass exodus of bankers and traders from London have been raised.

In response, the former Chancellor of the Exchequer and leaders of international investment banks have released a joint statement noting that the UK has 'one of the most stable legal systems in the world, a brilliant workforce and deep, liquid capital markets unmatched anywhere else in Europe, all of which are underpinned by world class regulators.'

What are the options?

The only non-EEA state that is part of the single market is Switzerland, which has a number of disparate and independently negotiated bilateral agreements with the EU to gain limited access to certain parts of the single market and do not include passporting rights for financial services firms.

The most obvious alternative way to retain access to passporting is as a non-EU EEA country. For Norway this requires acceptance of free movement of people and contributing to the EU's budget with no control or influence over future EU law making. However, Theresa May has already declared the UK should look at reforming free movement of people if it is to stay in the single market. Therefore, the UK and EU are currently in a stand-off as to whether joining the EEA, or negotiating a trade agreement, without accepting free movement of people is possible. It is difficult to predict whether the current political stalemate can be unlocked.

What does the future hold?

In the immediate short term, existing EU based law will only cease to apply when the UK's withdrawal agreement comes into effect or two years after notice of intention to leave is given under Article 50 of the 'Lisbon' Treaty on European Union (unless member states unanimously agree to an extension). Therefore, current financial regulation continues to apply including that which comes into force between now and withdrawal. In particular, the Markets in Financial Instruments Directive II ('MIFID') and the Markets in Financial Instruments Regulation ('MIFIR') which will come into effect in early 2018 before the UK leaves the EU.

MIFIR and MIFID II are wide ranging covering data reporting, position limits for trading and over-the-counter (OTC) contracts, the operation of trading facilities, adviser independence, charging transparency, execution-only business and protections for local authorities. However, they also introduce new rules relating to how financial services businesses from 'third countries' outside of the EEA, which would include the UK in the absence of agreement otherwise, can access the single market.

The two-tier 'equivalence' solution

By 3 July 2017 the UK has to publish the measures it proposes to take to implement MIFID II and MIFIR which are due to come into force by 3 January 2018. These new rules will introduce a two tier system for financial services firms based in non-EEA countries ('third country firms') wishing to access the European single market. Access for third country firms will be divided into client types - more sophisticated 'per se' professional clients and eligible counterparties under MIFIR and less sophisticated elective professional and retail clients under MIFID II.

Under Article 47 of MIFIR, third country firms who are registered with the European Markets & Security Authority (EMSA) as coming from a jurisdiction which the European Commission has recognised as having 'equivalence' to the EU regime, will not need to establish a EU branch when providing cross-border services to more sophisticated per se professional clients and market counterparties. The UK is obviously well placed to prove equivalence and the Government may continue to announce measures, such as cutting corporation tax, which retain London's status as a global financial centre and incentivises firms to remain in the UK. However, the criteria for equivalence will evolve over time and the European Commission retains final discretion on the issue introducing political risk.

For business with less sophisticated elective professional and retail clients, third country firms will need to comply with a prescribed procedure for third country firm branch authorisation under Article 39 of MIFID II or national laws where Article 39 is not adopted (the UK and Germany are not expected to implement Article 39). However, there is no right for third country firms to use a single EU branch to provide cross-border services to less sophisticated elective professional and retail clients. In other words, a branch would be needed in each jurisdiction.

Disruption to the UK funds industry

If authorised in one single EEA member-state, Undertakings for the Collective Investment in Transferable Securities ('UCITS') funds can be sold on a cross-border basis using the passport regime. This has allowed UK financial institutions access to the EU single market and permitted UK asset managers to manage funds domiciled anywhere in the EU (commonly Ireland, Luxembourg or Malta).

However, there is concern as to the potential damage and disruption to the UK funds industry by the loss of the passporting regime. In particular, smaller UK focussed business without an offshore product range will not be able sell funds into the EU. Also, the EU may decide to impose more stringent rules on EU domiciled funds being run by UK asset managers in order to mitigate risks associated with investment management and support staff not being based in the fund's country of domicile. Costs would then rise as a result of having to deal with both UK and EU regulatory standards. It should be noted that there is currently no 'equivalence' regime in place for third country UCITS funds at the moment.

Brexit has the potential to challenge the UK's status as the asset management capital of Europe, where c.£1.2tn in assets are managed on behalf of European investors.

The UK Payments Market

There is also concern over whether Brexit could challenge the UK payments market. By virtue of its EU membership, the UK is a member of the Single Euro Payments Area ('SEPA'). SEPA is an initiative of the European banking industry with the purpose of:

  • creating a harmonised single market for processing payment throughout Europe; and
  • promoting competition among payment service providers and clearing mechanisms.

The current members of SEPA include all 28 EU Member States and the four European Free Trade Association (EFTA) member states. Given uncertainty surrounding the post-Brexit model for the UK’s relationship with the EU, it is unclear what the UK’s position would be in relation to SEPA.

The SEPA arrangements are available for Euro payments, but Sterling payments currently clear on domestic infrastructure. Therefore, UK banks are likely to want to continue accessing SEPA arrangements in order to deal effectively with their dominant position regarding Euro denominated payments. However, President Hollande of France has already stated that London will not be able to handle the clearing operations of the Eurozone.

Status of Employees

Following news of banks contingency planning by shifting operations out of the UK following Brexit, there has been much concern voiced over employment issues. The financial services industry employs 3m people in the UK with many workers originating from other countries in the EEA. There is risk that new rules could be imposed on EEA nationals seeking to live and work in the UK. These rules could impose a number of requirements on these workers, such as formal requests for work authorisation. In turn, UK employees working in the EEA could encounter similar requirements. For a more detailed analysis on the potential impact of Brexit on UK employment law, see our recent article.

Data Protection

At present, firms can transfer data to a firm within the EEA with minimal restriction. The European General Data Protection Regulation ('GDPR') has now been officially adopted, and comes into full effect in 2018. The GDPR replaces the existing Data Protection Directive.

The new regulations will affect all businesses with operations within the EU. Therefore, following Brexit, UK-based businesses must familiarise themselves with the GDPR in order to be prepared for it to come into effect.

The terms agreed following the Brexit negotiations may also present restrictions on the transfer of customer data between the UK and the rest of the EEA. Therefore, businesses should consider whether the appropriate consents from customers need to be obtained.