In this weekly post, we round-up FinTech-related financial services regulatory developments for the week ending 22 September 2023.
- OK consumer? Few doubt AI’s power but trust concerns remain
- FSR Australia GPS Podcast Series EP6: Scams – A customer’s rights, a bank’s obligations
- The Economic Crime and Corporate Transparency Bill: where are we now? (UK)
Find our more about our Emerging Tech Academy – an online series from AI and the metaverse, to blockchain and digital assets
FCA issues ‘final warning’ to cryptoasset firms marketing to UK consumers regarding forthcoming financial promotion regime
The FCA has written to cryptoasset firms and those supporting them with what it calls a ‘final warning’ regarding the forthcoming changes to the financial promotion regime which will bring cryptoassets within the scope of the regime. All firms marketing cryptoassets to UK consumers, including firms based overseas, must comply with the regime which will have effect from 8 October 2023. The FCA expressed its concerns about the poor level of engagement from many unregistered overseas firms, noting that only 24 have responded to a survey which it sent to 150 such firms.
The FCA warned that unregistered cryptoasset firms are likely to be in breach of section 21 of the Financial Services and Markets Act 2000 (FSMA) if they continue to promote cryptoassets to UK consumers without having an authorised person approve the promotion. This would be a criminal offence punishable by up to two years’ imprisonment, an unlimited fine, or both.
The regulator also reminded all businesses supporting unregistered cryptoasset firms that they should carefully consider their obligations under the Proceeds of Crime Act 2002 (POCA). [21 Sep 2023]
JMLSG: Ministerial approval of revisions to cryptoasset Guidance
The Joint Money Laundering Steering Group (JMLSG) has received HM Treasury ministerial approval of the latest revisions to Part II Sector 22 (Cryptoasset providers and custodian wallet providers) of its Guidance. This includes the new Sector 22 Annex 1 relating to cryptoasset transfers (Travel Rule) and related updates to Sector 22. [20 Sep 2023]
EP Briefing: Non-EU regulation of cryptoasset and its implications for the EU
The EP has published a briefing on developments in the regulation of cryptoassets in the US, the UK and other jurisdictions. The paper then analyses the potential implications of such developments for the EU in terms of financial stability, market attractiveness and digital currencies. [22 Sep 2023]
EIOPA launches survey on access to cyber insurance by SMEs
The European Insurance and Occupational Pensions Authority (EIOPA) has issued a survey to small to medium-sizied enterprises (SMEs) to better understand the challenges that they face in protecting themselves from cyber risk and to understand the level of access to cyber insurance.
Responses are requested by 20 March 2024. [20 Sep 2023]
OJ: Guidelines on the application of Article 4 (1) and (2) of NIS 2 Directive to financial services entities within scope of DORA
A Communication regarding Commission Guidelines on the application of Article 4 (1) and (2) of the second Network and Information System Directive (NIS 2) has been published to the Official Journal of the EU (OJ). The Guidelines clarify the application of provisions for financial entities that are covered by both the NIS 2 Directive and the Digital Operational Resilience Act (DORA) which relate to cybersecurity risk management and incident reporting. [19 Sep 2023]
#OpRes #Cyber #DORA
ASIC: Crypto exchange sued by ASIC for alleged design and distribution failures
ASIC has commenced civil penalty proceedings in the Federal Court against Bit Trade Pty Ltd, provider of the Kraken crypto exchange to Australian customers. ASIC has alleged that Bit Trade failed to comply with the design and distribution obligations (DDOs) for the margin trading product it offers Australian customers on the Kraken exchange. The proceedings appear to be part of ASIC’s ongoing scrutiny of crypto exchanges. At the time of writing, Bit Trade has not yet commented on the proceedings. [21 Sep 2023]
ASIC Chair discusses cyber preparedness
ASIC Chair, Joe Longo, has delivered an address related to cyber preparedness and risks for businesses in the cyber space at the Australian Financial Review Cyber Summit. In his speech, Mr Longo makes three key points:
- Organisations must take an active approach to evaluating and managing third-party cyber risk. ASIC has recently conducted the cyber pulse survey to measure cyber resilience in Australia’s corporate and financial markets. While the report has not been published yet, Longo noted that the initial findings of the survey demonstrate that one of the weakest links in cyber preparedness is third-party suppliers, vendors, and managed service providers. Furthermore, Mr Longo shared that 44% of respondents to the survey indicated that they did not manage third-party or supply chain risk, and more than half have limited or no capability to protect confidential information adequately.
- For all boards, cyber security and cyber resilience must be top priorities. ASIC expects this to include oversight of cyber security risk throughout the organisation’s supply chain. Failure to ensure adequate measures are in place exposes directors to potential enforcement action by ASIC, based on the directors not acting with reasonable care and diligence.
- There is a need to go beyond security alone and build up resilience – meaning the ability to respond to and recover from an incident. Security plans must be tested regularly, alongside ongoing reassessment of cyber security risks, including within the supply chain. [18 Sep 2023]
HKMA launches Green Fintech Competition to enhance resilience of banking sector to climate risk
As part of the its efforts to enhance the resilience of the banking sector to climate risk, the HKMA has announced the launch of the Green Fintech Competition, to promote the adoption of green fintech solutions in the Hong Kong banking industry.
Green fintech firms in Hong Kong and around the world are invited to participate and showcase how their solutions can be applied to the banking industry. Their solutions should be relevant to any of the four themes: net-zero transition or transition planning; climate risk management; green sand sustainable finance; and sustainability or climate-related disclosure and reporting. The themes and problem statements were developed based on feedback received from the industry, reflecting challenges faced by the Hong Kong banking industry which might benefit from green fintech solutions.
Interested firms will need to submit a market-ready solution for at least one of the above themes by 20 October 2023. Examples of problem statements for each theme can be found on the competition’s designated website. They can choose to tackle the problem statements listed at the website or other problem statements which they think are relevant to the four themes. Further details about the competition can also be found on the designated website.
Solutions will be judged by a panel comprising representatives from both the public and private sectors, including the banking and technology sectors, professional associations and academia. Winners of the competition will be offered a fast-track opportunity to the presentation stage of Cyberport Incubation Program which provides comprehensive business support to facilitate the development of their green fintech solutions.
Finalists will be invited to join and host exhibition booths in the HKMA event ‘Green and Sustainable Banking Conference’ to be held in December 2023 for conducting in-depth exchange with and showcasing their solutions to the industry, as well as exploring opportunity for further collaboration. They can also enjoy tailor-made consultation services from InvestHK to gain further insight into the Hong Kong market so as to ensure their solutions meet the market needs. [21 Sep 2023]
HKMA’s Executive Director discusses innovative financial regulation in keynote speech
The HKMA’s Executive Director (Enforcement and AML), Ms Carmen Chu, gave a keynote speech at the Pan Asian Regulatory Summit 2023 on 20 September 2023. Ms Chu discussed the HKMA’s approach and upcoming plans regarding innovative financial regulation, including:
- As part of the efforts to digitalise AML supervision, the HKMA will be automating data collection while innovating the way it conducts risk profiling of banks and analyses granular crime data in supervisory processes.
- The Financial Intelligence Evaluation Sharing Tool (FINEST), a bank-to-bank information sharing platform, will be further expanded to cover more banks, customer types and crime types, and will supplement the public-private partnership known as Fraud and Money Laundering Intelligence Taskforce, to provide a new approach to combatting financial crime. [20 Sep 2023]
Insurance Authority launches Open API Framework and Central Register to facilitate insurtech development
The Insurance Authority has announced the launch of the open application programming interface (API) framework and API central register (in collaboration with the Hong Kong Science and Technology Park Corporation) for the insurance sector, providing guidance and necessary facilitation to market participants for Open API implementation.
In response to the increasing Open API application and industry-wide recognition on its importance for system interface enhancement and data exchange, the Insurance Authority has worked closely with market stakeholders to formulate the Open API framework to provide guiding principles on its adoption, covering areas such as categorisation of Open API functions, third-party service provider (TSP) governance and risk management and exemplary use cases to stimulate innovation. The framework also aims to foster cross-sectoral collaboration and insurtech application to bring about more seamless financial services to the public.
As a standardised and trusted online platform, the API Central Register enables Authorized insurers (AIs), licensed insurance intermediaries (LIIs) and their partnering TSPs to manage and introduce their Open API and relevant data to the public, thereby fostering partnerships and greater connection among market stakeholders that lead to more innovation and quality services.
AIs and LIIs are expected to adhere to the framework when implementing Open API in their operations or for provision of products and services, while AIs, LIIs and their partnering TSPs are strongly encouraged to register with the API Central Register and utilise the digital infrastructure for API-related initiatives. The registration details and procedures will be provided separately.
The Insurance Authority will continue to work closely with market participants to promote the adoption of Open API in the insurance sector, monitor the progress of its development and implementation in Hong Kong and consider the implementation of regulatory measures if necessary. [18 Sep 2023]
HKMA issues alerts on misrepresentation by crypto firms using the word ‘bank’
The HKMA has issued an alert to remind members of the public to beware of crypto firms purporting to be ‘banks’ or describing their products as ‘deposits’, and to warn these crypto firms that this may be a contravention of the Banking Ordinance.
The HKMA is aware of some crypto firms describing themselves using terms such as ‘crypto bank’, ‘crypto asset bank’, ‘digital asset bank’, ‘digital bank’ or ‘digital trading bank’, or claiming to offer ‘banking services’ or ‘banking accounts’. Some crypto firms also use the word ‘deposits’ to describe funds placed with them by clients, or promote ‘savings plans’ as ‘low risk’ with ‘high return’. These descriptions may mislead members of the public into believing that those crypto firms are banks authorized in Hong Kong, to which they can entrust their savings.
Under the Banking Ordinance, only authorised institutions (licensed banks, restricted license banks and deposit-taking companies) which have been granted a licence by the HKMA can carry out banking or deposit-taking business in Hong Kong. It is an offence for any person, apart from AIs, to use the word ‘bank’ in the name or description under which they carry on business, or make any representation that they are a bank or carrying on banking business in Hong Kong. It is also an offence for any person, to carry on a business of taking deposits in Hong Kong or invite members of the public to make any deposit.
The HKMA reminds the members of the public that crypto firms are not supervised by the HKMA and funds placed with them are not protected by the Hong Kong Deposit Protection Scheme. In case of doubt, members of the public should verify whether the entity is authorized to conduct such business by referring to the register of authorised institutions on the HKMA’s website. [15 Sep 2023]
MAS MD discusses AI
MAS has published a speech delivered by its MD Ravi Menon at the at 61st ACI World Congress. Mr Menon identified what he considered would be the three dominant investment themes in Asia-Pacific in the next decade, which included artificial intelligence (AI).
With regard to AI, Mr Menon particularly noted that he expected AI to help accelerate transition finance. He highlighted the 2022 launch by MAS of Project NovA! – an AI utility aimed at helping financial institutions generate insights on financial risks. Mr Menon also discussed the need for ‘safe and responsible’ AI. [21 Sep 2023]
MAS publishes 4th Enforcement Report
MAS has issued its 4th Enforcement Report which includes its enforcement priorities for 2023 and 2024. These include enhancing capabilities to tackle misconduct in the digital asset ecosystem, including by working with foreign regulators and law enforcement agencies to obtain and share information on errant entities and individuals.
MAS response to Parliamentary Question: Transition from cheques to digital payment methods
MAS has responded to a to Parliamentary Question on how it is supporting the transition from cheques to digital payment methods. In its response MAS notes that through its engagement with businesses, it has found that many have already adopted digital payments. However, some businesses have requested alternative payment solutions to enable them to make deferred payments. To meet this request, the banking industry will implement alternative payment solutions by 2025 which will allow businesses to make a deferred payment or issue a cashier’s order electronically without the need for paper cheques. Additionally, MAS notes that all Government agencies have reviewed their regulations to ensure that there are no regulatory hurdles preventing businesses and individuals from making payments digitally. [19 Sep 2023]
ABS announces that major retail banks in Singapore have increased security measures
The Association of Banks in Singapore (ABS) has announced that major retail banks in Singapore have enhanced their security measures to protect customers from malware scams and will progressively introduce refinements or new measures to keep pace with changes in the threat landscape.
Ms Ho Hern Shin, Deputy Managing Director (Financial Supervision) at MAS welcomed the enhanced security measures, commenting that ‘As scammers constantly adjust their tactics to evade existing safeguards, the industry must continue to respond in an agile fashion to counter these threats.’ She also urged members of the public to be attentive to scam advisories issued by the police and by banks.
Mr David Chew, Director, Commercial Affairs Department, Singapore Police Force, observed that the measures will enhance security and protect the public. He also said, ‘Members of the public are advised not to download any suspicious Android Package Kit (APK) files from third party or dubious sites as this can lead to malware being installed on their devices.’ [18 Sep 2023]
SEBI: Redressal of investor grievances through the SEBI Complaint Redressal (SCORES) Platform
SEBI has published a circular which explains that the SEBI (Facilitation of Grievance Redressal Mechanism) (Amendment) Regulations, 2023 has been amended to reduce timelines and introduce auto-routing and auto-escalation of complaints. The amendments are designed to make the redressal process of grievances in the securities market more efficient. [20 Sep 2023]
RBI notification: DQI for commercial and microfinance segments
The RBI has published a notification regarding data quality index (DQI) for assessing the quality of data submissions by credit institutions (CIs) to credit information companies (CICs). The notification advises that CICs must prepare DQIs for commercial and microfinance segments and provide these to all CIs by 31 March 2024. [20 Sep 2023]
SBV: Workshop on promoting the development of the e-payment market in Vietnam
The State Bank of Vietnam (SBV) has published a summary of the discussions that took place at the at the Workshop on ‘Promoting the development of the e-payment market in Vietnam’, held on 15 September.
The discussions covered:
- possible solutions to promote the development of e-payment, including the development of the infrastructure for bank card payment acceptance (bank cards, QR code, etc); and
- the development of domestic credit cards in order to accelerate the implementation of the National Financial Inclusion Strategy, promote cashless payment and restrict black credit. [18 Sep 2023]