Among the items covered in this month's update are the delayed implementation of strong customer authentication in the UK, an update from ESMA and the EBA on cryptoassets, calls for a more harmonised EU anti-money laundering regulatory framework, and the results of the FCA's review of the SMCR regime.

Payment services

FCA delays deadline for implementing SCA under PSD2

From 14 September 2019, the new rules on strong customer authentication (SCA) made under the revised Payment Services Directive (PSD2) will apply, impacting the way in which banks and payment services providers verify their customers' identity.

The SCA standards are intended to enhance the security of payments and limit fraud.

On 13 August 2019, the FCA agreed an 18-month plan to implement SCA with the e-commerce industry of card issuers, payments firms and online retailers. The plan reflects the recent opinion from the European Banking Authority (EBA) that recognised that regulators may need to provide stakeholders more time to implement SCA given the complexity of the requirements.

The FCA explains that it "will not take enforcement action against firms if they do not meet the relevant requirements for SCA from 14 September 2019 in areas covered by the agreed plan, where there is evidence that they have taken the necessary steps to comply with the plan", and that at the end of the 18-month period it "expects all firms to have made the necessary changes and undertaken the required testing to apply SCA".

While the EBA has said it will monitor the consistency of SCA implementation across the EU, there is a concern within the industry that differing approaches to implementation across Member States may result in regulatory arbitrage.

For further information on the new rules and the FCA's expectations, head over to the FCA's newly published webpage.

Extension of FCA general standards and communication rules to payment services and e-money sectors

From 1 August 2019, the application of the FCA's Principles for Businesses was extended to payment service providers, e-money institutions, payment institutions and regulated account information service providers.

The FCA's Principles for Businesses set out 11 fundamental obligations authorised firms must adhere to. The Principles cover issues such as client communications, protection of client assets, conflicts of interest, conducting business with integrity, skill, care and diligence, and relations with the regulator.

In addition to the Principles, the FCA has also extended the application of the rules contained in BCOBS 2 to communications with payment service and e-money customers. Payment firms must now communicate information with "banking customers" in a way that is "fair, clear and not misleading", when connected to the activity of accepting deposits. The FCA hopes this will ensure consistent communication and address misleading promotions within the market.

Both sets of changes are intended to ensure that there is a consistent approach across all firms in this sector. The FCA believes that the same set of principles and communication standards will result in more effective supervision and increase consumer confidence of their fair treatment.

For further details on the changes, please see the FCA's Policy Statement on general standards and communications for the payment services and e-money sectors (PS19/3).

General financial services regulation

ESMA and EBA's response on cryptoassets

On 20 August 2019, the European Securities and Markets Authority (ESMA) and the EBA published a letter on cryptoassets which they jointly sent to the European Commission.

The letter outlines some of their work streams on cryptoassets, in addition to monitoring market developments. At an international level, ESMA and the EBA are engaging with various regulatory authorities (including the Financial Stability Board and the Committee on Payments and Market Infrastructures) in order to help inform a common international approach on matters such as the regulatory treatment of cryptoasset exchanges and trading platforms.

At the EU level, ESMA and the EBA are due to launch a "new stocktaking exercise of national regimes applicable to cryptoassets". This will include specific questions relating to the regulatory treatment of stablecoins, in the light of their increasing prominence.

The letter also states that "stablecoins" (a cryptocurrency pegged to another stable asset) will be discussed at the upcoming European Forum for Innovation Facilitators event in September, together with various other financial technologies.

For further information on the FCA's approach to cryptoassets and the regulatory perimeter, take a look at our recent update "Regulating the new kid on the block".

FCA identifies poor practice in CMC industry

On 23 August 2019, the FCA published a press release stating that claims management companies (CMCs) "must do more to ensure their promotions do not mislead potential customers".

The FCA has introduced new rules in relation to financial promotions made by CMCs to ensure that they provide information to customers that is clear, fair and not misleading. These rules require CMC firms to:

  • identify themselves as a CMC
  • prominently state if a claim can be made to a statutory ombudsman/compensation scheme without using a CMC and without incurring a fee
  • include prominent information relating to fees and termination fees which the customer may have to pay if a firm uses the term 'no win, no fee' or a term with a similar meaning.

Jonathan Davidson, executive director at the FCA said that "many CMCs play a significant role in helping consumers to secure compensation. But CMCs using misleading, unclear and unfair advertising practices to get business is completely unacceptable. We won't hesitate to take action where we consider that customers are being misled or otherwise treated unfairly by poor advertising."

If the FCA concludes that firms have used very poor promotions, it is unlikely that these firms will meet the Threshold Conditions for continuing authorisation.

Financial crime

UK Serious Fraud Office issues guidance on corporate cooperation

On 6 August 2019, the UK Serious Fraud Office (SFO) issued its guidance on corporate cooperation aimed to assist corporations and SPO staff by outlining what is considered to be "cooperation" when assisting the SPO in its investigations.

The concept of "cooperation" has long been regarded as a key consideration which the SPO takes into account when assessing whether companies will qualify for cooperation credit (or mitigation at sentencing) and whether to enter into a Deferred Prosecution Agreement. However, prior to now, there has been little clarity on the meaning of cooperation.

The updated guidance defines cooperation as "providing assistance that goes above and beyond what the law requires". This includes identifying persons responsible and suspected of wrongdoing and criminal conduct, reporting this to the SPO within a reasonable time of the suspicions coming to light, and preserving evidence and providing it promptly in a sound format.

The guidance also identifies good general practices that facilitate cooperation, including preserving relevant material in a way that prevents destruction or damage, ensuring digital integrity, providing material in a useful and structured way, and providing a list of document custodians and the location of each document.

While the guidance is welcomed, it should be noted that cooperation will not guarantee a particular outcome with the SPO, with each case turning on its particular facts.

ECB Chair of Supervisory Board calls for more harmonised AML regulatory framework

The European Central Bank (ECB) has published an interview (dated 22 August 2019) with Andrea Enria, Chair of the ECB Supervisory Board, regarding the EU's anti-money laundering (AML) regulatory framework.

Mr Enria commented that, while the ECB does not have legal responsibility for AML, it sees that cooperation between prudential supervisors (including the ECB) and AML authorities is important.

Although the Fourth Money Laundering Directive (EU) 2015/849 has clarified and strengthened AML controls and legal safeguards to protect against money laundering, the EU needs to move towards a more harmonised regulatory framework, where closer cooperation and centralisation of relevant tasks is required.

In particular, Mr Enria believes this is best achieved through AML regulations rather than directives, since they are directly applicable to all banks and other relevant firms. Improved supervision within the AML field is also stressed.

Mr Enria also addressed "big data", noting that if big data companies want to provide banking services, they will need to be licensed, regulated and supervised as banks. In a similar vein, any player that may provide channels for money laundering needs to be subject to money laundering legislation, regardless of the type of institution.

It is important to note that whilst cryptocurrency exchanges, or digital currency exchanges, provide payment services rather than banking services, they are still subject to AML supervision.

Enforcement and investigations

Upper Tribunal publishes decision in Tinney v FCA [2019]

On 16 August 2019, the Upper Tribunal found that Andrew Tinney, former COO of Barclays Wealth and Investment Management (Barclays Wealth), had breached his obligation as an approved person to act with integrity under the Statements of Principle and Code of Practice for Approved Persons (APER).

In September 2016, the FCA issued a decision notice notifying Tinney of its intention to make a partial prohibition order, preventing him from performing any senior management or significant influence function, along with a statement of misconduct.

The FCA alleged that Tinney deliberately made false or misleading statements and omitted information about a report concerning the tone of senior management at Barclays Wealth Americas (on two separate occasions). The first related to a note for the CEO of Barclays Wealth to share with senior management, and the second concerned a response to a request by the Federal Research Bank of New York (New York Fed). Tinney had denied the accusations and referred the FCA's decision to the Upper Tribunal.

The tribunal found that Tinney had failed to meet the standard of integrity by being reckless. However, it did not uphold the FCA's submission concerning the New York Fed request, since the FCA had failed to prove that Tinney had made false or misleading statements or omitted material information.

The tribunal found that it was appropriate for the FCA to publish a statement of misconduct (public censure), and the FCA has accordingly published a final notice. The tribunal also recommended that the FCA reconsider imposing a partial prohibition order, which it decided not to pursue.

Banking and insurance

High Court blocks Part VII transfer – Prudential and Rothesay Life

On 16 August 2019, the UK High Court refused to approve the transfer of a portfolio of annuity policies from Prudential Assurance Company Ltd (Prudential) to Rothesay Life PLC (Rothesay) under Part VII of FSMA.

To facilitate the planned demerger of the Prudential group, Prudential and Rothesay had entered into an agreement under which Rothesay agreed to reinsure £12.9 billion of Prudential's annuity liabilities, and for those policies and liabilities to be later transferred to Rothesay by way of Part VII transfer. The parties then sought the Court's sanction for the Part VII transfer.

Both the PRA and the FCA stated no objections and approved the proposed transfer in their reports to the court. An independent expert report also reached conclusions supportive of the transfer.

Despite support, Snowden J. refused to approve the transfer and sanction the scheme, instead siding with the objections from numerous policyholders. The decision was primarily based on the argument that the annuity holders had reasonably assumed that Prudential would provide their annuities for life, and that their policies should not be transferred to a smaller insurer, only to further the commercial interests of Prudential.

The decision raises a number of important issues particularly for insurers looking to transfer annuity policies. It is clear that a positive independent expert report and support from regulators will not guarantee court approval for a Part VII transfer. The court has shown its willingness to exercise considerable discretion in this regard which throws uncertainty over the transfer of annuity books in the future.

ECB is prepared for a no-deal Brexit

On 28 August 2019, the ECB published a transcript of an interview given by its Supervisory Board Chair, Andrea Enria.

In the interview, Mr Enria explains that the banks "have done all we asked them to do, so they are prepared". They have defined their operating models and are planning to gradually move their assets into the euro area (and for banks in the euro area to move their assets into the UK) in an orderly fashion. The ECB has also pushed banks to ensure that they have the licences, branches and subsidiaries in place to continue serving their customers in the EU.

At the end of the process, €1.3 trillion in assets will move from London to the euro area, which includes 24 banks.

Mr Enria also commented on the frictions on trade and financial transactions which will potentially have an impact on macroeconomic activities, stating: "you never know, there will always be some turbulence in markets that can affect financial activity in some way – so we need to be prepared for that".

FCA publishes findings of the SMCR in the banking sector

On 5 August 2019, the FCA published its findings into the embedding of the Senior Managers and Certification Regime (SMCR) in the banking sector. The SMCR has applied to deposit-taking firms and dual-regulated investment firms from March 2016. It was extended to insurers in December 2018 and will apply to all FCA solo-regulated firms from 9 December 2019.

The FCA's review was undertaken to better understand how the SMCR has been embedded in the banking sector in the three years since inception. The review will be of particular interest to solo-regulated firms who can learn from banks and building societies in developing their approach to embedding SMCR.

The FCA found that the industry had made a concerted effort to implement the regime. In particular, the FCA found that:

  • Senior manager accountability: All senior managers were clear on the meaning of accountability in the context of their jobs, whilst some non-executive directors (NEDs) were concerned the regime expected too much. The FCA has made clear that they do not expect NEDs to act more like executives, although the responsibilities of NEDs with senior manager functions will often be considerable, especially in larger firms.
  • Certification: Firms have implemented processes to oversee the certification population, and have broadened their approach to assessment of staff beyond solely technical skills. However, most firms fail to demonstrate the effectiveness of their assessment approach or how they ensure consistency.
  • Conduct rules: While staff generally understand conduct rules, firms do not always sufficiently tailor their rules training to job roles. Many firms were unable to explain what a conduct breach looked like in the context of their business.
  • Unintended consequences: Some firms experienced a culture of fear during the early stages of the regime, however this has largely dissipated due to working collaboratively with regulators to achieve positive outcomes. Most firms mentioned the additional staff and work required to administer the regime, although many saw this as part of creating a robust governance environment.

FS trivia

Which of the following is not a statutory operational objective of the FCA?

  • Securing an appropriate degree of protection for consumers
  • Protecting and enhancing the integrity of the UK financial system
  • Promoting the development of and innovation in payment systems
  • Promoting effective competition in the interests of consumers in the markets for regulatory financial services