Regulatory update: the focus points for Q4 2023

Retrospective

What laws and regulations have recently come into force? 

• On 25 July 2023, the delegated regulation strong client authentication came into force. This delegated regulation amends delegated regulation 2018/389, which provides exceptions to the principle of strong client authentication. 
• On 2 October 2023, the EBA guidelines on remote customer onboarding came into force. These guidelines set out the steps that financial institutions must take to comply with the obligations that apply when conducting initial customer due diligence (CDD) that does not involve physical contact.
• On 3 October 2023, the revised ESMA guidelines on MiFID II suitability requirements entered into force. The revised guidelines complement the 2013 guidance, including the issue of identifying sustainability preferences. 

Regulatory Update

Improving reports on occupational pension provision (IORPs) 

In 2018, EIOPA published a decision on the information to be provided by IORPs through national supervisors to EIOPA. EIOPA held a consultation in the spring of 2023 and published the revised decision on 10 February 2023. The revised decision focuses primarily on national insurance regulators. Indirectly, the regulations cover (occupational) pension funds and PPIs. The revised decree closes gaps with respect to the reporting of occupational pension provision (IORPs): 

• More information focusing on emerging risks and new areas;
• Inconsistencies identified in the current decision have been resolved; and
• Where relevant, disclosures are aligned with the EIOPA XBRL taxonomy release 2.8.0.

EIOPA amended the current decision by including the following information:

• Information on derivatives to assess different types of risks and how this affects occupational pension provision risks;
• Cash flow information;
• High-level look-through data on IORPs’ investments in UCITS;
• Detailing of the NACE code, allowing better assessment of environmental, social and governance (ESG) risks. 

The amended decision will apply from 1 January 2025.

EBA guidelines on benchmarking diversity and the gender pay gap 

EBA presented its draft guidelines on benchmarking diversity and the gender pay gap on 24 April 2023. These guidelines introduce a new reporting format for this purpose. 

The guidelines specify the information to be provided by banks and Category 1 and 2 investment firms to supervisors on diversity practices and gender pay gap data.

In total, the guidelines contain 11 annexes requiring the following information to be provided:

• Diversity benchmarking questionnaire
• Age and gender of executive directors
• Composition of committees
• Age and gender of non-executive directors
• Newly appointed executive directors
• Newly appointed non-executive directors
• Business regions and geographical origin
• Educational background
• Professional background
• Diversity policy
• Benchmarking gender pay gap

The guidelines take effect three months after publication in all EU languages. Companies are not expected to have to report for the first time until 2025, based on 2024 data. 

Mortgage Credit Directive (MCD) revision 

The EU Mortgage Credit Directive (MCD) may be subject to revision. On 23 June 2022, the EBA published a report in response to the EC’s request for advice on the review of the MCD. In this report, the EBA responds to the consultation. The EBA proposes to revise the MCD. In June 2022, the EBA proposed to:

• Review pre-contractual and advertising information requirements;
• Ensure that information disclosure rules are suitable for digital channels;
• Introduce additional measures when artificial intelligence is used to assess creditworthiness;
• Introduce borrower-based measures in the information provided to consumers; and
• Establish an EU-wide definition of ‘green mortgages’.

For now, no concrete proposal for adjustment has been made. The EC is expected to come up with a proposal in the first quarter of 2024.  Any adjustments are not expected to take effect before 2026.

AML/CFT regulation 

On 20 July 2021, the EC published a number of legislative proposals for consultation, including the Regulation on AML/CFT. Negotiations on this between the Council and the EP are currently ongoing.

The legislative package aims to strengthen the European anti-money laundering and counter-terrorist financing regime. This new regulation transfers the current provisions from the AML directive to the regulation. In addition, it makes a number of substantive changes to achieve greater harmonisation and consistency in the application of AML/CFT rules across the EU. The following topics are amended:

• Subject matter and scope, including list of notifiable entities 
• Internal policies, controls and procedures 
• Client survey
• Policy towards third countries 
• Politically exposed persons
• Use of third parties and outsourcing
• Information on UBO
• Reporting requirement
• Data protection

The regulations are not expected to come into force until 2026 at the earliest.

Adjustments delegated regulation on risk retention requirements for securitisations 

On 12 April 2022, the EBA published its final draft RTS on risk retention requirements for securitisations. This final draft RTS sets requirements for originators, sponsors and original lenders (involved in a securitisation transaction) in accordance with Art 6(7) of the Securitisation Regulation. On 10 July 2023, the European Commission (EC) published the draft delegated regulation.

Reconciling the interests of entities involved in a securitisation is essential. To achieve this, the originator, sponsor or original lender should maintain a minimum 5% interest in the material net economic exposure. Many of the provisions included in the previous delegated regulation on risk retention (from 2018) are carried over. In addition, a number of adjustments are made. These include provisions on an enlarged mandate for the EBA on risk retention, these follow the amendments to the Securitisation Regulation via Regulation 2021/557.

Examples include:

• The conditions for risk retention in the case of traditional non-performing exposures (NPE) securitisations;
• The impact of fees payable on risk retention requirements;
• Servicer’s expertise in NPE securitisations;
• Clarification of synthetic excess spread;
• Retention in re-securitisations; and 
• Proprietary debt instruments issued.

In addition, adjustments have been made to the existing provisions to remain consistent with the mandate in Section 6(7) Securitisation Regulation and further clarify certain aspects.

The adjustments are expected to take effect by the end of 2023.

Outlook

What other upcoming laws and regulations do you need to consider? 

In our next Regulatory Update article, we will explain the following developments in more detail, among others:

• Anti-corruption directive; and 
• Retail investment strategy.

If you want to stay updated about our Regulatory Updates, you can subscribe to our monthly Risk & Compliance newsletter below.

Request a regulatory update

We hope this article has given you an idea of the Q4 2023 developments. Want to make sure you haven’t overlooked anything? Then request a tailor-made Regulatory Update (available in Dutch and English). You will then receive an extensive quarterly report with current affairs, legislative changes, regulatory publications and consultations. This report is fully tailored to your organisation and activities. This way, you will be timely informed of upcoming legislative changes and will not be confronted with any surprises.

Our specialists will discuss with you the possible impact on your organisation and help you think about possible next steps and their practical implementation. They can also help with an action plan for adapting policies and procedures, so that you always remain in control. For more information, please feel free to contact us.