Key developments of interest over the last month include:

  • Nigeria: eNaira digital currency launched
  • United Kingdom: PSR publishes final report on card-acquiring services market review
  • United States: Federal Reserve launches tools and support in preparation for adoption of FedNow Service for instant payments in 2023

In this Newsletter:

For previous editions of the Global Payments Newsletter, please visit our Financial Services practice page.

Regulatory Developments

Nigeria: eNaira digital currency launched

On 25 October 2021, it was reported that Nigeria had launched its central bank-backed digital currency, called eNaira. The official eNaira launch by Nigeria’s President Buhari is available to watch online here. Nigeria is the first African country to launch a digital currency, and one of only a few countries globally to have done so. President Buhari said that the "use of CBDCs can help move many more people and businesses from the informal into the formal sector, thereby increasing the tax base of the country".

The new eNaira currency will be issued as legal tender and operates on the Hyperledger Fabric Blockchain. According to the central bank, customers will be able to download the eNaira app and transfer funds from their bank accounts to their mobile wallets. However, the central bank has also pledged to adapt the system for people who do not have bank accounts in a bid to boost usage in rural areas.

See the official eNaira website for more information.

United Kingdom: PSR publishes final report on card-acquiring services market review

On 3 November 2021, the Payment Systems Regulator (PSR) published its final report on its market review into card-acquiring services. The PSR highlights the importance of a correctly functioning card-acquiring market in the post-COVID-19 economy.​

The report concludes that the supply of card-acquiring services works well for the largest merchants with an annual card turnover above £50 million, but doesn't work well for small, medium and large merchants with an annual card turnover of up to £50 million who represent over 90% of the merchant population.​

Small and medium sized merchants face pricing issues (with limited or no pass-through from the Interchange Fee Regulation caps savings), a loyalty penalty, and problems with switching including lack of transparency, indefinite contracts, and POS terminal contract issues.​

The PSR suggests that outcomes could be improved for small and medium-sized merchants by encouraging them to search and switch or negotiate a better deal with their existing provider and also by reducing the obstacles to getting a better deal.

In terms of next steps, the PSR will publish a remedies consultation in early 2022 in which it will seek views and information from stakeholders. Following this, it will publish a provisional decision on remedies. The types of remedies might include:​

  • requiring greater transparency in relation to pricing;​
  • reducing complexity of pricing structures to enable easier comparison across different providers;​
  • compulsory end dates in card-acquiring contracts or “prompts” to encourage merchants to consider switching; and​
  • measures to ensure that POS terminal contract terms are the same length or shorter than those of the merchant’s card-acquiring service contract.​

See this Engage article by members of Hogan Lovells’ London office for more on the PSR’s final report.

United States: Federal Reserve launches tools and support in preparation for adoption of FedNow Service for instant payments in 2023review

On 20 October 2021, it was reported that the Federal Reserve has launched a set of new tools and resources for the US payments industry in order to promote education and innovation in instant payments and help in preparations for the adoption of the FedNow Service for instant payments when it is launched in 2023. The move comes as the use of instant payments continues to grow in popularity.

The new tools and resources include the following:

  • FedNow Explorer website. This is an educational platform for financial institutions and service providers.
  • Ecosystem Accelerator Group. This is a new user group within the FedNow Community which will provide a variety of payment service providers with the opportunity to ask technical questions, network and participate in discussions.
  • Service Provider Showcase. This will allow payment service providers to showcase their capabilities.

Bangladesh: Central bank authorises inward remittances

On 18 October 2021, it was reported that Bangladesh Bank, Bangladesh's Central Bank, had authorised the receipt of inward remittances through online payment gateway service providers (OPGSPs).

The circular issued by Bangladesh Bank states that authorised foreign exchange dealers are required to enter into an arrangement with internationally-recognised OPGSPs and maintain separate nostro collection accounts for each OPGSP. A nostro account is an account held by a bank in a foreign currency at a separate bank.

United Kingdom: HM Treasury consults on reform proposals under Financial Services Future Regulatory Framework Review

On 9 November 2021, HM Treasury (HMT) published a consultation with proposals for reforms to the UK’s financial services regulatory framework to keep it fit for the future and to reflect the post-Brexit landscape. The consultation is part of the government’s on-going Financial Services Future Regulatory Framework Review.

The consultation sets out the government’s response to the feedback received on its October 2020 consultation on Phase II of the FRF Review and makes a series of proposals to deliver the intended Review outcomes, ‘building on the strengths of the UK’s existing framework’ established under the Financial Services and Markets Act 2000 (FSMA).

In outline, the proposed changes are:

  • Introduction of a new secondary growth and international competitiveness objective for both the PRA and the FCA and amendments to the existing regulatory principles to clarify that growth should occur in a sustainable way that is consistent with the government’s commitment to achieve a net zero economy by 2050.​
  • UK regulators are to have responsibility for regulatory design and implementation.​
  • Introduction of enhanced mechanisms for accountability, scrutiny and oversight of the regulators by Parliament, HMT and stakeholders.​

HMT acknowledges that delivering the changes – particularly those relating to returning responsibility for designing and implementing regulatory requirements to the UK regulators - will be a ‘significant undertaking’. Many of the necessary changes will be delivered through an extensive programme of secondary legislation, which is likely to take several years.

The consultation closes on 9 February 2022.

For more on the consultation, take a look at this Engage article by members of Hogan Lovells' London office.

United Kingdom: Bank of England and HM Treasury to consult on potential UK retail CBDC

On 9 November 2021, John Glen MP, Economic Secretary to the Treasury, confirmed in a Written Ministerial Statement that the Bank of England (BoE) and HM Treasury (HMT) are to launch a formal consultation on a UK retail CBDC in 2022. A joint BoE/HMT statement was also published.​

Key points include:

  • The consultation paper will set out an assessment from HMT and the BoE of the case for a CBDC before a decision on whether to proceed. ​
  • The consultation will form part of a ‘research and exploration’ phase and will help to inform policy development over the next few years.​
  • The introduction of a UK CBDC would be a major national infrastructure project. The earliest date for launch would be in the second half of the decade. ​

The government is committed to continuing to work closely with international partners on the cross-border implications of a potential CBDC.

United Kingdom: HMRC publishes policy paper on Economic Crime levy

On 27 October 2021, HM Revenue & Customs (HMRC) published a policy paper on the establishment of an Economic Crime (Anti-Money Laundering) Levy. The new levy will apply to all persons set out in Regulation 8 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (2017/692). The list in Regulation 8 includes credit institutions and financial institutions.

The policy paper explains that the levy will first be charged on entities that are regulated during the financial year starting on 1 April 2022, and the amount payable will be determined by reference to their size, based on their UK revenue from periods of account ending in that year. Amounts will be payable following the end of each financial year. Therefore, first payments will be made in the financial year from 1 April 2023 to 31 March 2024.

The levy will be charged as a fixed fee, determined according to which of the following size bands an entity falls into:

  • Small-sized entities (under £10.2m UK revenue) will be exempt from the levy.
  • Medium-sized entities (£10.2m – £36m revenue) will pay £10,000.
  • Large entities (£36m - £1bn revenue) will pay £36,000.
  • Very large entities (over £1bn revenue) will pay £250,000.

The Finance Bill 2021-22 will establish the Economic Crime (Anti-Money Laundering) Levy in legislation. The Bill had its First Reading in Parliament on 2 November 2021, was published on 4 November 2021 and will now follow the normal passage through Parliament.

European Union: EBA publishes clarifications on PSD2 issues

On 20 October 2021, the EBA published clarifications to the seventh set of issues raised by its industry working group on Application Programming Interfaces (API WG) under PSD2.

The document offers clarifications in areas including the following:

  • Downtime of dedicated interfaces. With regard to the channel used by account servicing payment service providers (ASPSPs) to inform third party providers (TPPs) about any unavailability of the dedicated interface, the Regulatory Technical Standards on strong customer authentication and secure communication (SCA RTS) do not prescribe a specific channel to be used as part of the communication plans. Therefore, it is for each payment service provider (PSP) to decide on the channel used for informing TPPs about any unavailability of their dedicated interface. Accordingly, ASPSPs are not prevented from using email for this purpose. In relation to the suggestion that the EBA could set up a central register/database where ASPSPs can communicate information about any upcoming maintenance of their dedicated interfaces, the EBA, in line with the views expressed by the majority of the API WG participants, is of the view that this proposal would introduce additional and unnecessary administrative burden for all stakeholders involved.
  • Payment status / rejection reasons. In relation to a proposal that the EBA should set out the minimum set of error codes and payment status messages that ASPSPs should send to TPPs, the EBA is of the view that these relate to implementation of the interfaces chosen by the ASPSPs, the specific events and errors that may occur, as well as the respective business models of TPPs. Also, the RTS do not impose any standardised error messages that ASPSPs should send to TPPs in accordance with Article 36(2) of the RTS. Accordingly, it is for the industry to set out the notification messages on the specific reason for any unexpected events or errors. Article 36(2) of the SCA RTS provides sufficient clarity on the content of these notification messages.
  • 90-day account access renewal SCA. The EBA agrees that the application of the exemption under Article 10 of the SCA RTS (which says that PSPs are not required to apply SCA in certain instances) has led to undesirable outcomes for account information services, their providers, and their users. To address this issue, the EBA has decided to make a targeted amendment on this particular aspect. It published a consultation on 28 October 2021 (see the separate item below for more information).

European Union: EBA consults on amendments to SCA RTS under PSD2

On 28 October 2021, the EBA published a consultation paper on amendments to its Regulatory Technical Standards (RTS) on strong customer authentication (SCA) and secure communication under PSD2 (SCA RTS). The amendments relate to the 90-day exemption from SCA for account access.

In particular, the consultation considers Article 10 of the SCA RTS, which provides an exemption from the application of SCA when the customer accesses limited payment account information, provided that SCA is applied for the first access and at least every 90 days after that. This exemption is currently voluntary, meaning that the account servicing payment service provider is allowed, but not obliged, to apply the exemption. In certain cases, the EBA would like to make the application of this exemption mandatory.

The deadline for submitting comments is 25 November 2021.

United Kingdom: Facial recognition payments in schools paused

On 25 October 2021, it was reported that nine schools in the UK had paused their use of facial recognition technology to allow children to pay for meals. The move came following concerns from the UK's Information Commissioner's Office, which said that organisations should consider a "less intrusive" approach where possible. The use of facial recognition technology had also been criticised by privacy campaigners.

United Kingdom: PSR consults on draft direction to maintain free-to-use ATMs

On 27 October 2021, the Payment Systems Regulator (PSR) published a consultation paper on a draft specific direction on maintaining free-to-use ATMs (CP21/9).

The new direction will replace Specific Direction 8, which will expire on 2 January 2022. Specific Direction 8 ensured that the operator of LINK could maintain the broad geographic coverage of free-to-use ATMs in the UK and meet service-user needs, and that it had the resources to do so. This was done by requiring LINK to comply with certain minimum requirements and requiring it to undertake certain steps to fulfil its commitments to the PSR.

The purpose of the draft specific direction is to continue to support the operator of LINK in ensuring that it can meet the objective of continuing to maintain a broad geographic coverage of ATMs in the UK and meet service-user needs by having in place and maintaining appropriate and effective policies, measures and reporting obligations.

The deadline for submitting comments on the draft specific direction was 16 November 2021.

United Kingdom: PSR publishes response to Confirmation of Payee consultation

On 21 October 2021, the Payment Systems Regulator (PSR) published a response (RP21/1) setting out its findings from the call for evidence that it issued on Phase 2 of the introduction of Confirmation of Payee (CoP).

Based on the responses received, the PSR is of the view that, while Phase 1 was a success, it will need to take further action to ensure more institutions implement CoP in order to provide greater safety for consumers when they make electronic bank transfers. The PSR also noted that it had been told that existing warnings during CoP checks might cause confusion to customers and that more consistency is needed. The feedback the PSR received shows that it is presently unclear whether standardised messages would provide additional benefit to those who use the CoP service.

In terms of next steps, the PSR will:

  • Continue monitoring the progress by the Specific Direction 10 banks and the other Phase 1 participants to be present in the Phase 2 environment by the end of 2021. Specific Direction 10 is the direction which required the UK’s six largest banking groups to implement CoP in 2020.
  • Consult in Q4 2021 on whether it will require the end of dual running by a specified date in 2022 and on revoking Specific Direction 10.
  • Decide whether they need to intervene to direct delivery of the remaining parts of Phase 2, notably implementation of CoP by non-participants and delivery of the secondary reference data (SRD) capability.

United Kingdom: The Payment and Electronic Money Institution Insolvency (England and Wales) Rules 2021 (SI 2021/1178) enter into force

On 12 November 2021, The Payment and Electronic Money Institution Insolvency (England and Wales) Rules 2021 (SI 2021/1178) entered into force. The new rules are ancillary to the Payment and Electronic Money Institution Insolvency Regulations (SI 2021/716) (the Regulations) that came into force on 8 July 2021. They contain detailed operating provisions aimed at supporting the special administration process started for a payment institution or an electronic money institution under the Regulations.

The special administration process is designed for insolvent non-bank institutions whose business is concerned with facilitating the transfer or storage of money through cards, mobiles, or e-wallets.

Among other things, the rules:

  • Require notice of a bar date to be given to anyone who the administrator believes has a right to assert a security interest over the funds in question.
  • Require insolvency practitioners to provide reasonable notice before a claims bar date enters into force.
  • Require special administrators to engage with payment systems operators during a special administration.

European Union: EBA publishes opinion on treatment of client funds under the DGSD

On 27 October 2021, the EBA published an opinion on the treatment of client funds under the Deposit Guarantee Schemes Directive (DGSD).

Article 5(1) of the DGSD provides that deposits placed in credit institutions by other credit institutions, financial institutions, investment firms and other types of financial firms are excluded from deposit guarantee schemes’ coverage. However, Article 7(3) of the DGSD provides that the exclusion will not apply where the credit institution which is making the deposit is not absolutely entitled to the sums held in the account.

The EBA makes a number of recommendations which are intended to ensure that:

  • If a credit institution were to fail, client funds placed with credit institutions by credit institutions, payment institutions, e-money institutions, and investment firms are protected by deposit guarantee schemes.
  • There is a harmonised method for the repayment of funds in client accounts where there is a need to mitigate the risk of contagion from the failed credit institution to the account holder.
  • When calculating the contributions to deposit guarantee schemes of a credit institution, that credit institution's client funds should be taken into account.

European Union: European Commission publishes 2022 work programme

On 19 October 2021, the European Commission published a communication outlining its work programme for 2022, along with annexes to the work programme and two factsheets (here and here).

Among other things, the work programme refers to initiatives relating to:

  • Instant payments in the EU.
  • The Proposal for a Regulation on digital operational resilience for the EU financial sector (DORA).
  • The Proposal for a Regulation on markets in cryptoassets (MICA).
  • Proposals designed to strengthen and modernise the EU anti-money laundering (AML) and counter-terrorist financing (CTF) framework.

European Union: EBA publishes response to European Commission call for advice on CMDI review

On 22 October 2021, the EBA published its response to the European Commission's April 2021 call for advice regarding funding in resolution and insolvency as part of the bank crisis management and deposit insurance (CMDI) framework review, together with a covering letter. In the response, the EBA concludes that:

  • Preferring deposits to other ordinary unsecured claims could increase the number of banks that are able to meet the requirements to access resolution financing arrangements (RFA) without the bail-in of any type of depositors.
  • A single-tier depositor preference (that is, where all types of depositors rank pari-passu) comes with the highest impact on covered deposits and the highest contributions from deposit guarantee schemes (DGS) compared to the other policy options and the current position.

The EBA also sets out an assessment of the reported difficulty of small and mid-sized banks to issue instruments that are eligible for the minimum requirement for own funds and eligible liabilities (MREL). It found that 12 institutions currently facing an MREL shortfall have not issued any MREL-eligible instruments. It intends to conduct further work on this topic and, in particular, on the cost of MREL as part of its MREL monitoring activity.

Kuwait: MP presents law to tax overseas remittances

On 6 November 2021, it was reported that a Kuwaiti MP has proposed a law to impose a tax on overseas remittances.

The bill was first introduced last year, but was rejected by the government, the Central Bank and a legislative committee, who argued that it would have a negative impact on the economy and create a black market for remittance payments. The bill is reportedly popular with some lawmakers, however, especially as Kuwait's foreign population makes up 70% of the country's total population.

Under the proposals, transfers of up to KD99 would be taxed at 1%, transfers of KD100-299 at 2% and transfers of KD300-499 at 3%. Those of KD500 and above would be taxed at 5%.

France: Banque de France commissions CBDC tests

On 19 October 2021, it was reported that a consortium of institutions had completed a test run of using central bank digital currency (CBDC) for settling French treasury bonds on a blockchain.

Overall, 500 instructions were executed during the trial, in both primary and secondary markets. The operations covered areas including securities issuance, primary market and secondary market trades, and liquidity optimisation mechanisms.

The trial forms part of a wider Banque de France initiative to use CBDC in the exchange and settlement of tokenised financial assets between financial intermediaries.

Indonesia: President orders moratorium on fintech lending licences

On 16 October 2021, it was reported that the Indonesian president, Joko Widodo, had ordered a moratorium on licence issuance for fintech lending. The purpose of the restriction is to address the increase in illegal business which has trapped people and small businesses in high-interest loans.

Widodo has also asked regulators to improve the governance of existing fintech lending businesses. While Indonesia only has 107 registered fintech companies, more than 1,800 unauthorised fintech lenders have been shut down this year alone.

European Union: EDPB launches first coordinated action under its Coordinated Enforcement Framework

On 18 October 2021, the European Data Protection Board (EDPB) launched its first co-ordinated action following the decision in October 2020 to launch its Coordinated Enforcement Framework. The Framework allows the EDPB to prioritise a topic for supervisory authorities to work on at the national level. The results are then analysed to provide insight into the topic and allow for targeted follow-up nationally and at the EU level. The topic of this first action is the use of Cloud-based services in the public sector.

Australia: Government publishes draft legislation on new privacy rules for global companies

On 25 October 2021, the Australian Attorney General’s Department published a consultation on the exposure draft of the Privacy Legislation Amendment (Enhancing Online Privacy and Other Measures) Bill 2021 (Bill).

The draft Bill is aimed at enhancing the protection of personal information through the introduction of an Online Privacy Code (OP Code), expansion of the extra-territorial scope of the Privacy Act 1988 (Cth) (Privacy Act) and strengthened penalties for non-compliance.

The Australian Government has invited relevant stakeholders to make submissions on the draft Bill by 6 December 2021. This feedback will be considered before the draft Bill is introduced to Parliament. For more on the draft Bill, take a look at this Engage article by members of Hogan Lovells’ Sydney office.

The draft Bill follows a raft of recent reforms targeted at strengthening privacy and cyber security protection for all Australians. More recently, the Online Safety Bill 2021 (Cth) was passed and is due to come into effect in January 2022.

The Attorney-General’s Department is also undertaking a review of the Privacy Act. The Department has released a discussion paper which seeks feedback on the proposals for privacy reform. These proposed changes include, amongst others, the introduction of mechanisms to prescribe and certify countries with substantially similar privacy laws when sharing information outside of Australia and the use of standardised notices and consents. Submissions are open until 10 January 2022.

Global: IOSCO publishes updated outsourcing principles

On 27 October 2021, the International Organisation of Securities Commissions (IOSCO) published the final report on its principles on outsourcing, setting out updated outsourcing principles for regulated entities that outsource tasks to service providers. This follows its May 2020 consultation on revising the principles.

The final report sets out the seven principles below, and also gives details of how these principles should be implemented:

  1. Principle 1: A regulated entity should conduct suitable due diligence processes in selecting an appropriate service provider and in monitoring its ongoing performance.
  2. Principle 2: A regulated entity should enter into a legally binding written contract with each service provider, the nature and detail of which should be appropriate to the materiality or criticality of the outsourced task to the business of the regulated entity.
  3. Principle 3: A regulated entity should take appropriate steps to ensure both the regulated entity and any service provider establish procedures and controls to protect the regulated entity’s proprietary and client-related information and software and to ensure a continuity of service to the regulated entity, including a plan for disaster recovery with periodic testing of backup facilities.
  4. Principle 4: A regulated entity should take appropriate steps to ensure that service providers protect confidential information and data related to the regulated entity and its clients, from intentional or inadvertent unauthorised disclosure to third parties.
  5. Principle 5: A regulated entity should be aware of the risks posed, and should manage them effectively, where it is dependent on a single service provider for material or critical outsourced tasks or where it is aware that one service provider provides material or critical outsourcing services to multiple regulated entities including itself.
  6. Principle 6: A regulated entity should take appropriate steps to ensure that its regulator, its auditors, and the entity itself are able to obtain promptly, upon request, information concerning outsourced tasks that is relevant to contractual compliance and/or regulatory oversight. This will include, as necessary, access to the data, IT systems, premises and personnel of service providers relating to the outsourced tasks.
  7. Principle 7: A regulated entity should include written provisions relating to the termination of outsourced tasks in its contract with service providers and ensure that it maintains appropriate exit strategies.

The final report also briefly addresses the impact of the COVID-19 pandemic on outsourcing and operational resilience, and includes an annex that describes how outsourcing integrates with cloud computing and how CRAs use and incorporate outsourcing and cloud computing in their organisational strategies and structures.

IOSCO advises that financial market infrastructures (FMIs) are outside the scope of the updated principles, but they may consider applying them anyway. It will be engaging with the Committee on Payments and Market Infrastructures (CPMI) on FMI outsourcing issues as part of the future joint IOSCO-CPMI work programme. IOSCO is also keeping a watching brief on the application of outsourcing principles to the asset management sector.

United States: FinCEN provides AML regulatory relief to casinos

On 19 October 2021, FinCEN, the US Government’s lead AML regulator, published an Exceptive Relief in which it exercised its regulatory relief authority to allow casinos and card clubs to employ “non-documentary means” to verify patrons’ identity.

The original rules required casinos to inspect identity documents (like drivers’ licenses and passports) to establish a customer’s identity before opening an account. FinCEN invoked its “exceptive relief” authority to relax the regulatory requirements, allowing casinos and card clubs to use other methods such as knowledge proof systems and database verifications to ensure that the customer is who they say they are.

For more information on this development, take a look at this Engage article by members of Hogan Lovells’ Washington D.C. office.

United Kingdom: Money Laundering and Terrorist Financing (Amendment) (No 3) (High-Risk Countries) Regulations 2021 enter into force

On 2 November 2021, the Money Laundering and Terrorist Financing (Amendment) (No 3) (High-Risk Countries) Regulations 2021 (SI 2021/1218) came into force.

These Regulations amend the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (SI 2017/692) (the MLRs) by substituting the list of high-risk third countries in Schedule 3ZA for a new list.

United Kingdom: HM Treasury updates advisory notice on AML/CTF controls in higher risk jurisdictions

On 28 October 2021, HM Treasury updated its Advisory Notice: Money Laundering and Terrorist Financing controls in higher risk jurisdictions. This advisory notice replaces all previous notices issued by HM Treasury on the subject. The advisory notice follows two statements published by the Financial Action Task Force (FATF) on 21 October 2021, identifying jurisdictions with strategic deficiencies in their AML/CTF regimes.

Europe: AFME publishes report on AML monitoring

On 20 October 2021, the Association for Financial Markets in Europe (AFME) published a paper on firms' monitoring of financial transactions for potential money laundering activities.

The AFME note that there are five key themes:

  1. Current AML transaction monitoring (TM) systems are ineffective in the markets sector, and there is a widely held view in the private sector that money laundering is likely to be going on undetected.
  2. A small number of firms have demonstrated that it is possible to monitor effectively through the use of a hybrid approach blending technology tooling and automated techniques with highly skilled manual processes.
  3. The key to deploying analytical transaction monitoring solutions successfully in the markets sector is using highly skilled team members that understand the complex domain as well as the technical methods.
  4. More collaboration between private and public sector would be beneficial, even if it is not feasible for law enforcement agencies to give feedback on individual Suspicious Activity Reports.
  5. Greater effectiveness and cost efficiencies will be achieved through partial convergence of market abuse surveillance with AML TM.

Global: FATF publishes updated guidance on virtual assets and virtual asset service providers

On 28 October 2021, the Financial Action Task Force (FATF) published the updated version of its guidance on the risk-based approach to virtual assets (VAs) (also known as cryptoassets) and virtual asset service providers (VASPs).

The guidance explains how the FATF's AML and CTF standards apply to VAs and VASPs, provides relevant examples, identifies obstacles to applying mitigating measures and offers potential solutions.

The updated guidance addresses issues identified from the FATF's second 12-month review of implementation of its standards on VAs and VASPs, which it reported on in July 2021. It also reflects input from responses to FATF's March 2021 consultation on updating the guidance. A quick guide published alongside the updated guidance provides a summary of the key changes made to the previous version of the guidance.

FATF will continue to closely monitor the VAs and VASPs sector for any material changes that necessitate further revision or clarification of its standards.

Global: FSB calls for global convergence in cyber incident reporting

On 19 October 2021, the Financial Stability Board (FSB) published a report titled "Cyber Incident Reporting: Existing Approaches and Next Steps for Broader Convergence".

The report explores whether greater convergence in the reporting of cyber incidents could be achieved, in light of increasing financial stability concerns, especially given the digitalisation of financial services and increased use of third-party service providers.

The report goes on to identify three ways that the FSB will seek to promote greater convergence in cyber incident reporting:

  • Develop best practices by identifying a minimum set of types of information authorities may require related to cyber incidents to fulfil a common objective (for example, financial stability, risk assessment and risk monitoring) that authorities could consider when developing their cyber incident reporting regime.
  • Identify common types of information to be shared, understand any legal and operational impediments to sharing such information, and continue efforts to reduce such barriers.
  • Create common terminologies for cyber incident reporting, in particular a common definition for ‘cyber incident’.

United Kingdom: CMA publishes update on governance of Open Banking

On 5 November 2021, the Competition and Markets Authority (CMA) published an update on the governance of Open Banking.

Open Banking is delivered through the Open Banking Implementation Entity (OBIE), an organisation established by the Retail Banking Market Investigation Order 2017 and funded by the nine largest current account providers in the UK (the CMA9). An Implementation Trustee, approved by the CMA, was appointed to oversee the process.

As the implementation phase of Open Banking is nearing completion, in March 2021 the CMA consulted on what arrangements should be put in place for its governance in the next phase of its development.

The CMA's update sets out progress in strengthening corporate governance at the OBIE. It also highlights ongoing work to clarify the roles and responsibilities of each of the CMA, OBIE, Trustee and CMA9, review the role of the OBIE Board, and improve transparency.

The CMA has also identified a number of high-level principles to inform work on the future governance of Open Banking, relating to purpose, regulatory collaboration and oversight, stakeholder interests, leadership, governance, reporting, monitoring and compliance, funding and transition. Working with other regulators, in particular the FCA and the Payment Systems Regulator (PSR), alongside relevant government departments, the CMA is developing a statement which will set out a clear joint vision for the future of Open Banking and its governance. The CMA intends to publish the statement and provide a further update in late 2021 or early 2022.

United Kingdom: Bank of England publishes policy statement on fees regime for FMI supervision 2021/22

On 18 October 2021, the Bank of England (BoE) published a policy statement following its June 2021 consultation paper on the 2021/22 fees regime for the supervision of financial market infrastructure (FMI). It has not made any changes to the proposals that were set out in the consultation paper.

The FMIs that are currently within scope of the annual FMI supervisory fee are recognised payment systems, specified service providers to recognised payment systems, UK central counterparties (CCPs) and UK central securities depositories (CSDs).

As well as proving feedback to the three responses the BoE received to its consultation paper, the policy statement sets out:

  • The final fee rates in relation to the BoE's 2021/22 funding requirement for its FMI supervisory activity and the policy activity that supports this.
  • The outcome of the 2020/21 actual costs incurred and the impact on FMI fees charged for 2021/22, including the BoE's confirmation of the shortfall/surplus in fees for 2020/21. As there was no surplus or shortfall in the fee year 2020/21, no FMI will receive a rebate in the 2021/22 invoice.

Regarding implementation, the BoE intended to issue invoices in September for the 2021/22 fee year.

United Kingdom: Latest version of Financial Services Regulatory Initiatives Grid published

On 1 November 2021, the fourth edition of the Financial Services Regulatory Initiatives Grid was published by the Financial Services Regulatory Initiatives Forum.

Members of the Forum are the Bank of England (including the PRA), the FCA, the Payment Systems Regulator, the Competition and Markets Authority, the Financial Reporting Council, The Pensions Regulator and the Information Commissioner’s Office. HM Treasury attends as an observer member. The Forum was launched to strengthen coordination between members, and the Grid (first published in April 2020) sets out the regulatory pipeline so that the financial services industry and other stakeholders can understand – and plan for – the timing of the initiatives that may have a significant operational impact on them.

The Forum publishes the Grid twice a year, providing detail on the timing of initiatives over a 24-month horizon.

For more on this development, take a look at this Engage article by members of Hogan Lovells’ London office.

United Kingdom: Latest version of Financial Services Regulatory Initiatives Grid published

On 21 October 2021, the FCA published its Perimeter Report 2020/21. In a related press release, the FCA highlights areas where it is calling for legislative change to protect consumers. Points of interest in the Report include:

  • Payments: The FCA will be working closely with HM Treasury (HMT) in the coming months to lay the foundations to delivering on the priorities outlined in the Government's response to the Payments Landscape Review.
  • Cryptoassets: The FCA will continue to monitor the market and consider whether activities fall within its perimeter. It will also continue to work with HMT and other regulators to inform thinking on where further regulatory or legislative change is needed. The FCA is working with HMT, the Bank of England and the Payment Systems Regulator as part of the UK Cryptoasset Taskforce to consider the appropriate regime for cryptoassets used for payments.
  • SMCR: Extending the SMCR to the payments and e-money sector (among others) would enhance individual accountability and governance within firms, and strengthen the FCA's ability to supervise such firms by giving it a wider range of tools to drive higher standards and mitigate risks of consumer harm. The FCA will continue to work with HMT on this issue.
  • The Money Laundering Regulations 2017 (MLRs): The FCA is concerned, based on its experience under the MLRs and as has previously been made public in its correspondence with the Treasury Select Committee, that the registration standards it is permitted to apply under the MLRs are far less demanding than those applicable under FSMA. It therefore welcomes the July 2021 call for evidence published by HMT, which expressly includes the question of whether supervisory authorities under the MLRs have the powers they need to support an effective gateway into the MLR perimeter.

The Perimeter Report will form the basis of a formal discussion between the FCA Chief Executive, Nikhil Rathi, and the Economic Secretary to the Treasury, John Glen MP, before the end of the year, the minutes of which will be published.

United Kingdom: Chief Executive of Digital Regulation Cooperation Forum appointed

On 1 November 2021, the Digital Regulation Cooperation Forum (DRCF) announced the appointment of Gill Whitehead as its Chief Executive. The DRCF was established in July 2020 by the Competition and Markets Authority (CMA), Ofcom and the Information Commissioner's Office (ICO) to ensure a greater level of coordination between the different regulators of online services in order to drive a coherent approach to digital regulation. The FCA became a member of the DRCF in April 2021.

United Kingdom: FCA speech on work and role as a data-led regulator

On 2 November 2021, the FCA published a speech given by Jessica Rusu, FCA Chief Data, Information and Intelligence Officer. The speech focuses on the FCA's response to new technologies and how it is making the best use of its resources to tackle the challenges faced by consumers and industry as an effective data-led regulator. Points of interest from the speech include a mention of the fact that the FCA will soon publish a refreshed Data Strategy (last updated in January 2020).

Global: FSB Chair makes speech on focus for 2022

On 18 October 2021, Randal K. Quarles, Chair of the Financial Stability Board (FSB), made a speech on the FSB's focus for 2022.

Among other areas, Quarles mentioned that the FSB is closely watching cryptoassets and stablecoins, noting that in the last 18 months, the market capitalisation of cryptoassets has grown from less than $200 billion to as much as $2.4 trillion. He also warned of the need to consider whether the FSB's regulatory and supervisory approaches appropriately address risks, while preserving the benefits that innovation can bring. Digital assets don’t fit neatly into current regulatory buckets, and they operate in the digital ether where they can easily cross national borders.

On this point, Quarles noted that while digital assets may not be current threats to global financial stability, products which fall between the regulatory cracks one day can become systemic problems the next, and that the goal of the FSB's work is to guard against new risks that emerge from innovation without stifling this same innovation.

Global: FSB letter to G20 leaders

On 25 October 2021, the Financial Stability Board (FSB) sent a letter to the G20 leaders ahead of the October 2021 G20 summit. Points raised include:

  • The COVID-19 pandemic has boosted the use of digital financial services, in particular various forms of digital payments: Growth in this area reinforced the need to assess the financial stability implications of financial innovation, particularly innovation with a technological component. The letter also highlighted the need to ensure that supervisory and regulatory frameworks and approaches provide a solid foundation for harnessing the benefits of such innovation while containing their risks, as also highlighted in Randal Quarles' speech (see the previous item).
  • Cryptoassets in their various forms raise particular challenges: The markets for such assets have evolved rapidly over the past year. With market capitalisation for cryptoassets rising and links to the rest of the financial system growing, the FSB will continue to closely monitor these markets and their implications for financial stability. The FSB's review this year demonstrated that several jurisdictions have been analysing and updating their legal and regulatory regimes to ensure that they have the ability to identify and address the specific risks arising from ‘stablecoins’. Further, authorities identified several issues that warrant further consideration at the international level, and the FSB is working to address these.
  • The FSB is working to make cross-border payments cheaper, faster, more transparent, and more accessible: Work in 2021 focused on laying the foundational elements that support the FSB's G20 roadmap for enhancing cross-border payments. A key part of the foundation has been the publication of specific quantitative global targets that address the challenges of cost, speed, transparency, and access that cross-border payments face. These targets play an important role in defining the ambition of the work and creating accountability. But the FSB warned that the roadmap will not be achieved merely through analyses and recommendations. The next stage of work in 2022 includes the development of specific proposals for material improvements of underlying systems and arrangements, as well as the potential development of new systems.

Global: G20 leaders' declaration from October 2021 summit published

On 31 October 2021, the G20 published the leaders' declaration which was adopted following the summit held in Rome on 30 and 31 October 2021.

Among other things, in the declaration the G20:

  • Welcomes the progress reported against the 2021 milestones set under its roadmap to enhance cross-border payments and endorses the quantitative global targets for addressing the challenges of cost, speed, transparency and access by 2027 set out in the FSB's related report.
  • Reiterates that no global stablecoins should commence operation until all relevant legal, regulatory and oversight requirements are adequately addressed through appropriate design and by adhering to applicable standards. It urges jurisdictions to progress their implementation of the FSB's high-level recommendations in this area, and standard setting bodies to complete their assessment of whether to make any adjustments to standards or guidance in view of these recommendations.
  • Encourages the Committee on Payments and Market Infrastructures (CPMI), Bank for International Settlements (BIS) Innovation Hub, International Monetary Fund (IMF) and World Bank to continue deepening the analysis on the potential role of central bank digital currencies in enhancing cross-border payments and their wider implications for the international monetary system.

Global: G7 agree Digital Trade Principles

On 22 October 2021, trade ministers from the G7 countries met and agreed to five Digital Trade Principles:

  1. Open digital markets. In particular, the ministers stated that they are united in their support for open digital markets and in opposition to digital protectionism and digital authoritarianism.
  2. Data free flow with trust. The ministers want to harness the opportunities of the digital economy and support the trade of goods and services. They are particularly concerned about situations where data localisation requirements are being used for protectionist and discriminatory purposes.
  3. Safeguards for workers, consumers, and businesses. Effective measures must be in place to ensure a high level of consumer protection when purchasing goods and services online. Businesses must have a secure digital trading environment, with the highest standards of cybersecurity and resilience against illicit or malign activity.
  4. Digital trading systems. Governments and industry should drive forward the digitisation of trade-related documents. This includes addressing legal, technical, and commercial barriers to the digitisation of paper processes.
  5. Fair and inclusive global governance. Common rules for digital trade should be agreed and upheld at the World Trade Organisation.

Global: FATF report on consequences of incorrect implementation of Standards

On 27 October 2021, the Financial Action Task Force (FATF) published a report setting out its views on the unintended consequences of the incorrect implementation of the FATF Standards. The report looks at four key themes:

  1. De-risking: It is difficult to identify a direct correlation between the FATF Standards and de-risking in the financial sector, even though failure to implement the risk-based approach of the FATF Standards at the national level could be one of the many drivers of de-risking, in particular for money or value transfer services (MVTS) operators and some non-profit organisations (NPOs).
  2. Financial exclusion: The misapplication of the FATF Standards, and in particular the failure to use the proportionality that is central to the risk-based approach, can lead to or compound financial exclusion. Rules-based requirements increase inclusion barriers as financial institutions and designated non-financial businesses and professions are not willing to take on or mitigate the AML/CTF risks.
  3. Undue targeting of NPOs: The analysis here concludes that the undue targeting of NPOs in the context of purported or real AML/CTF implementation (both legitimate or otherwise) may be related in some cases to poor or negligent implementation of FATF’s risk-based approach.
  4. Curtailment of human rights: Here, FATF identifies a number of ways that misapplication of the Standards could be relevant: (i) excessively broad or vague offences in legal counterterrorism financing frameworks, which can lead to wrongful application of preventative and disruptive measures including sanctions that are not proportionate; (ii) issues relevant to investigation and prosecution of CTF and AML offences, such as the presumption of innocence and a person’s right to effective protection by the courts; and (iii) incorrect implementation of UN Security Council Resolutions and FATF Standards on due process and procedural issues for asset freezing.

Payment Market Developments

United States: Clickatell announces new payment capabilities in its Chat Commerce Platform

In October 2021, Clickatell announced that it is adding new payment capabilities to its Chat Commerce Platform. Clickatell announced the following new functions:

  • "Connect" enables messaging and notifications, such as a bank sending a customer a credit card transaction verification alert.
  • "Interact" provides back-end system integration and orchestration complete with chat bot and agent desk capability.
  • "Transact" supports API payments and digital transactions capabilities through Clickatell’s new Chat 2 Pay. Chat 2 Pay enables businesses to securely accept payments in chat messaging by sending consumers a payment link via SMS or WhatsApp.

Guernsey: Jacobi receives approval for the world’s first tier one Bitcoin ETF

On 15 October 2021, it was reported that Jacobi Asset Management had received approval from the Guernsey Financial Services Commission for the world's first tier one bitcoin ETF (exchange-traded fund). Jacobi plans to list the bitcoin ETF on the Cboe Europe equity exchange, subject to FCA approval.

Russia: UnionPay and Solidarnost launch Money Express service

On 20 October 2021, it was reported that UnionPay International, a global payment services provider, is partnering with Solidarnost Bank to launch its Money Express service. The service will allow Solidarnost customers to make transfers from their account or card to China or CIS countries without having to visit a Solidarnost branch.

Global: Mastercard partners with Previse on Mastercard Cross-Border Services

On 18 October 2021, it was reported that Previse is integrating Mastercard Cross-Border Services into its InstantPay platform. InstantPay analyses invoices to identify those that are likely to be rejected, which enables other invoices to be paid quicker. It is therefore hoped that the new integration will accelerate instant payments in over 100 countries.

Romania: Smart Fintech receives Open Banking authorisation

On 20 October 2021, it was announced that Smart Fintech had become the first Romanian third-party provider authorised to provide both Open Banking services, namely account information services and payment initiation services. This will allow Smart Fintech to offer its customers integrated payment and account information aggregation services.

North America: TransferMex and Tern Commerce partner on remittances

On 20 October 2021, it was reported that Tern Commerce, a "fintech as a service" company, is granting access to its same day cross-border remittance capabilities to TransferMex. US employers using TransferMex will be able to pay seasonal workers using a prepaid card. It also allows workers to send same-day payments to Mexico.

United States: Klarna buys Inspirock

On 22 October 2021, it was announced that Klarna is acquiring Inspirock, the online trip planner. According to Klarna, the acquisition will "bring enhanced advertising and content capabilities for retailers at critical point in the travel planning journey".

Global: Nium launches crypto-as-a-service global platform

On 25 October 2021, it was announced that Nium is launching the industry's first global crypto-as-a-service platform. This will allow financial institutions to access new services relating to cryptocurrency investment. The new services include "Comprehensive Cryptocurrency Investment Services", "Stablecoin Support", and "Cryptocurrency Compliance Services".

Nigeria: MFS Africa acquires Baxi

On 26 October 2021, it was reported that MFS Africa, an African digital payments hub, had agreed to buy Baxi, a Nigerian agent network. The deal is subject to approval from the Central Bank of Nigeria. MFS Africa hopes that the deal will allow it to expand its African network and connect Nigerian business to the rest of Africa and the world.

Israel: BlueSnap launches local acquiring in Israel

On 25 October 2021, it was reported that BlueSnap, a global payment technology company, had received licensing and bank approval for local acquiring in Israel. The move allows businesses operating in Israel to process digital payments locally, without incurring cross-border fees. Israel is the forty-seventh country that BlueSnap has launched local acquiring services in.

United Kingdom: PayPal launches Zettle Terminal

On 26 October 2021, it was reported that PayPal is launching the Zettle Terminal, an all-in-one point-of-sale payment solution for small businesses. The terminal comes with a SIM card, which means that it has WiFi and cellular connectivity, allowing payments to be made away from tills. It also has a touchscreen, and an integrated barcode scanner.

Mongolia: Tranglo opens payment route

On 2 November 2021, it was announced that Tranglo, the cross-border payments hub, is launching a new payment corridor to Mongolia.

Surveys and Reports

Global: FATF publishes results of survey on enhancing cross-border payments

On 22 October 2021, FATF published the results of its cross-border payments survey. The survey considers a number of areas, including:

  • What respondents' biggest obstacles are. On this point, the most popular response by a significant margin was "Identifying & verifying customers & beneficial owners". The second largest concern was "Targeted Financial Sanctions screening".
  • The negative impacts of national AML/CFT measures. The most popular answer here was increased costs, followed by reduced speed, limiting access and reduced transparency.
  • The challenges related to information sharing. 72% of respondents considered the challenges posed by constraints on information sharing as "significant" or "most significant".

Global: Blockchain can reduce cross-border settlement costs, report shows

On 8 November 2021, it was reported that Juniper Research had released a report which concluded that banks could save billions in the long-term by using blockchain for cross-border settlement. The report predicts that savings will be biggest in large trading nations like the US and China, which see a high volume of remittances and benefit from a favourable regulatory environment.

The report also notes that the reluctance of key payments institutions to move away from legacy systems is slowing wider blockchain adoption.

South-east Asia: 162% e-commerce spending increase expected by 2025

On 3 November 2021, it was reported that IDC had released a report which predicts that e-commerce payments in South-East Asia will increase by 162% by 2025, to USD 179.8 billion. The largest e-commerce markets are expected to be Indonesia, Vietnam and Thailand. The report also predicts that the use of mobile wallets and Buy-Now Pay-Later will grow by approximately 30% between 2o2o and 2025. Indonesia alone is expected to have over 100 million mobile wallet users by 2025.