In this regular post, we round-up FinTech-related financial services regulatory developments for the week ending 1 December 2023.
- APP Fraud – the UK is increasingly looking out of step
- Cyber Monthly Wrap-up (UK, EMEA and the US) – November 2023
- Cyber security: A month in retrospect (Australia) – November 2023
- Saudi Arabia’s Personal Data Protection Law – What you need to know
- Future of Work: Key insights, risks and recommendations for 2024
- Innovation, IP and the energy transition – Creative tensions
BIS Innovation Hub publishes report on Project Tourbillon: exploring privacy, security and scalability for CBDCs
The Bank for International Settlements (BIS) Innovation Hub has published a final report on Project Tourbillon, which tested the concept of payer anonymity for retail central bank digital currencies (CBDCs). The experiment proposes a concept of payer anonymity, providing cash-like anonymity to the payer.
- summarises the work carried out in Project Tourbillon;
- describes the two eCash based prototypes and how they were tested;
- presents the results and discusses privacy, security, scalability, trade-offs and implementation considerations; and
- concludes with an outlook on possible future work. [29 Nov 2023]
Head of BIS Innovation Hub discusses CBDCs
BIS has published a speech by Cecilia Skingsley, Head of the BIS Innovation Hub, at the ‘Exploring central bank digital currency: Evaluating challenges & developing international standards’ conference in Washington DC. In the speech, Ms Skingsley addressed the following questions concerning central bank digital currencies (CBDCs):
- Are CBDCs a solution looking for a problem?
- Are CBDCs a threat to privacy?
- Do CBDCs present a risk to financial stability?
She also discussed the benefits and opportunities of wholesale CBDCs as well as the future of CBDCs. [29 Nov 2023]
FSB assesses risks of multi-function cryptoasset intermediaries
The Financial Stability Board (FSB) has published a report on the financial stability implications of multifunction cryptoasset intermediaries (MCIs). MCIs are individual firms or groups of affiliated firms that combine a broad range of cryptoasset services, products and functions typically centred around the operation of a trading platform.
- looks at the structure and functioning of MCIs and assesses relevant financial stability risks;
- describes data gaps and identifies potential indicators to monitor MCI developments; and
- discusses implications for policy consideration by the FSB and relevant standard-setting bodies.
- The report notes that while the threat to global financial stability and to the real economy from the failure of an MCI appears limited at present, significant information gaps remain. [28 Nov 2023]
BCBS newsletter: Adoption of POR and PSMOR
The Basel Committee on Banking Supervision (BCBS) has published a newsletter which sets out information on the BCBS’ assessment of the adoption of the Principles for Operational Resilience (POR) and the revised Principles for the Sound Management of Operational Risk (PSMOR) published in March 2021.
The assessment found that:
- the effectiveness and maturity of POR and PSMOR adoption vary across banks and jurisdictions;
- the mapping of interconnections and interdependencies for critical operations, and the definition of tolerances for disruption to these operations are the most common challenges that banks face when adopting POR and PSMOR; and
- full adoption of POR and PSMOR will require adequate resourcing and prioritisation.
The publication is for informational purposes only and does not constitute new supervisory guidance or expectations. Nevertheless, the BCBS strongly encourages the full adoption of POR and PSMOR into banks’ operational risk management practices and regulatory and supervisory frameworks in order to strengthen their ability to withstand operational risk-related events and enhance operational resilience. [27 Nov 2023]
Regulatory Initiatives Grid published
The Financial Services Regulatory Initiatives Forum (FSRIF) has published the November 2023 edition of the Regulatory Initiatives Grid which sets out the planned regulatory initiatives for the next 24 months and highlights key examples of closely interconnected initiatives to help stakeholders easily identify such initiatives.
The FSRIF welcomes feedback on the Grid, particularly regarding the ways in which the Grid has been useful for stakeholders in their planning for regulatory initiatives and where improvements can be made in this regard.
The FSRIF is comprised of the FCA, PRA, Bank of England (BoE), Payment Systems Regulator (PSR), Competition and Markets Authority (CMA), Financial Reporting Council (FRC), The Pensions Regulator (TPR), and Information Commissioner’s Office (ICO), with HM Treasury (HMT) attending as an observer member. The Grid is normally published on a biannual basis. [30 Nov 2023]
#APPFraud #Crypto #Payments
HMT: UK-Japan Financial Dialogue and Financial Regulatory Forum joint statement
HM Treasury (HMT) has published the joint statement between the UK and Japan on the combined UK-Japan Financial Dialogue and Financial Regulatory Forum, convened in Tokyo, Japan on 27 November 2023. The statement records the discussions held at the event, including in relation to: global economic challenges; the digital economy; reconstruction of Ukraine; sustainable finance; and banking. [27 Nov 2023]
EBA issues new guidance to AML/CFT supervisors of CASPs
The European Banking Authority (EBA) has published a report which extends the risk-based anti-money laundering and countering the financing of terrorism (AML/CFT) supervision guidelines to AML/CFT supervisors of cryptoasset service providers (CASPs). These guidelines amend the EBA’s revised Risk-Based Supervision Guidelines. The amendments:
- emphasise the importance of cooperation among competent authorities, prudential supervisors and other stakeholders;
- highlight the importance of a consistent approach to setting supervisory expectations where multiple competent authorities are responsible for the supervision of the same institutions;
- provide guidance on the sources of information available to competent authorities when supervising crypto-asset service providers;
- set out how competent authorities should determine the type of guidance needed within the sector and how to communicate this guidance in the most effective manner; and
- stress the importance of training to ensure that staff from competent authorities are well trained and have the technical skills and expertise necessary for the execution of their functions, including the supervision of crypto-asset service providers.
The guidelines will be translated into the official EU languages and published on the EBA website. The deadline for competent authorities to report whether they comply with the guidelines will be two months after the publication of the translations. The guidelines will apply from 30 December 2024. . [27 Nov 2023]
OJ: Directive amending Consumer Rights Directive concerning financial services contracts concluded at a distance
Directive (EU) 2023/2673 amending the Consumer Rights Directive as regards financial services contracts concluded at a distance and repealing the Distance Marketing Directive (DMD) has been published in the Official Journal of the EU (OJ).
The Directive will come into force on the twentieth day following its publication in the OJ. [28 Nov 2023]
SFC makes available materials for AML/CFT webinars held in November 2023
The SFC has made available the materials for the webinars on anti-money laundering and counter-financing of terrorism (AML/CFT) held on 15 and 16 November 2023 (see previous update). They can be found on the SFC’s webpage here, under the headings of ‘Training materials – Presented by SFC staff’ and ‘Training materials – Presented by external parties’ respectively.
Licensed corporations, SFC-licensed virtual asset service providers and associated entities are encouraged to download the materials for reference and internal training as appropriate. [30 Nov 2023]
#VirtualAsset #AML #CFT
HKMA announces launch of suspicious proxy ID alert for FPS
The HKMA has announced the launch of the Faster Payment System (FPS) Suspicious Proxy ID Alert, to alert FPS users of the associated fraud risks before conducting transactions using FPS proxy IDs.
Users will be alerted of the high risk of fraud if the payee’s FPS proxy ID (including mobile phone number, email address, and FPS Identifier) falls within the list of proxy IDs labelled as ‘high risk’ on Scameter, an anti-fraud search engine developed by the Hong Kong Police Force (Police) (see our previous update on the launch of Scameter). An alert message will be displayed to users, reminding them to think twice before deciding whether to cancel the transaction or continue with the payment.
The HKMA has been collaborating closely with the Police, the Hong Kong Interbank Clearing Limited and the industry, including banks and stored value facility (SVF) operators, to develop an alert mechanism based on the information available from Scameter. All FPS participating institutions that provide real-time fund transfer services to personal users where FPS proxy IDs are used, including a total of 44 banks and SVF operators, have launched this initiative. [27 Nov 2023]
Insurance Authority CEO discusses enforcement priorities and other matters of interest at Insurance Summit 2023
The Insurance Authority’s CEO, Mr Clement Cheung, gave a presentation titled ‘The Balancing Act of Promoting Market Development and Fulfilling Societal Needs’ at the Insurance Summit 2023 of the Vocational Training Council on 24 November 2023.
Mr Cheung discussed a number of areas including (among others) product innovation, cross-boundary collaboration, new and emerging risks (climate and cyber risks), insurance-linked securities, cyber insurance, conduct and culture, as well as enforcement priorities.
The Insurance Authority’s enforcement priorities are:
- misappropriation of premiums;
- forgery of signatures;
- late filing of regulatory returns;
- providing false information during licence applications;
- inadequate suitability assessment; and
- cross-border selling. [24 Nov 2023]
BoT consults on Open Data for consumer empowerment policy
BoT has published a consultation on policy guidelines for creating a mechanism for Open Data for consumer empowerment in the financial sector. Responses to the consultation are requested by 31 December 2023. [30 Nov 2023]
Treasury Deputy Secretary Adeyemo addresses blockchain group
The US Department of the Treasury has published the remarks delivered by Deputy Secretary of the Treasury Wally Adeyemo at the 2023 Blockchain Association’s Policy Summit. Mr Adeyemo noted the growth in virtual currency transactions, citing the Office of Financial Research’s findings that, in 2021, companies reported more than 2 billion transactions totaling $1.4 trillion in virtual currency transactions which was approximately four times as many transactions and seven times the volume of the previous year. He then focused on the steps being taken to prevent the digital asset ecosystem from being used for illicit activity, including:
- a set of rulemakings which are intended to increase the transparency of currency mixers which were released in October;
- recommendations to Congress to expand authorities and broaden tools and resources to pursue illicit actors; and
- engaging with the Financial Action Task Force (FATF). [29 Nov 2023]
Treasury sanctions virtual currency mixer used by the DPRK
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned a virtual currency mixer. OFAC explains that the mixer serves as a key money-laundering tool of an OFAC-designated state-sponsored cyber hacking group of the Democratic People’s Republic of Korea. [29 Nov 2023]