Risk & Compliance

Regulatory Update: The areas of focus Q2 2024

Projective Group’s Risk & Compliance specialists closely monitor developments in financial laws and regulations. Using our compliance software Ruler, we keep track of all current affairs. We then determine the impact of the changes and translate the developments into the daily practice of our clients.

What developments should your organisation be aware of? In our quarterly Regulatory Updates, we provide a structured overview of regulatory changes and their impact on financial institutions. In this article, we highlight a number of developments.

Date:April 24, 2024

Notice: Undefined index: titleWrapper in /data/sites/web/projectivegroupcom/www/wp-content/plugins/seo-by-rank-math/includes/modules/schema/blocks/toc/class-block-toc.php on line 103


What laws and regulations have recently come into force?

CSDR Refit

On 16 January 2024, Regulation 2023/2845 (CSDR Refit) entered into force. The amendments made to the CSD Regulation through Regulation 2023/2845 aim to:

  • Enhance the safety and efficiency of securities settlement in the EU,
  • Improve the attractiveness of EU capital markets, and
  • Ultimately contribute to financing the economy.

The changes are particularly relevant for financial firms involved in Central Securities Depositaries (CSDs) or Central Securities Depositories. These modifications concern the rules related to settlement discipline, specifically focusing on the buy-in procedure. Additionally, rules have been adjusted regarding the duties of mandatory users’ committees of CSDs.

Amendment Decree Financial Markets 2023

On 31 January 2024, the Amendment Decree Financial Markets 2023 partially entered into force. This concerns two provisions that are relevant to UCITS managers, namely:

  • The abolition of the obligation for UCITS managers to provide the AFM with a notification from an accountant within four weeks after each financial year, indicating that the UCITS has complied with the BGfo.
  • Introducing the requirement for UCITS managers to have the necessary expertise and competence to ensure effective integration of sustainability risks and to take into account the conflicts of interest that may arise due to the integration of sustainability risks into processes, systems, and internal control.

The remaining provisions of the Amendment Decree will enter into force on 1 July 2024.

SOFR and TONA in certain OTC derivatives contracts

On 11 February 2024, Delegated Regulation 2024/363 on the transition to benchmarks referencing SOFR and TONA in certain OTC derivatives contracts entered into force. Due to the benchmark transition, LIBOR interest rates cannot be used as benchmarks in OTC derivatives contracts from the year 2022 onwards. Consequently, regulators and market participants have been working on rates to replace these benchmarks, particularly focusing on the development of new risk-free interest rates. These new interest rates can be used as benchmarks in financial instruments and agreements.

Particularly, the risk-free interest rates of Secured Overnight Financing Rate (SOFR) and Tokyo Overnight Average Rate (TONA) are produced for USD and JPY. ESMA has assessed which classes of OTC derivatives referencing SOFR or TONA must fall under the clearing obligation. In the amended delegated regulation, ESMA has specified which classes are subject to the clearing obligation.


On 28 March 2024, the revision of MiFIR entered into force and became directly applicable. The amendments to MiFID2 are also finalized but must be implemented in national legislation by 29 September 2025 at the latest and will then come into effect.

The following developments are explained in this article:

1. DNB Good practices: Guidance on prudential reporting for investment firms and managers of investment funds

Investment firms, managers of investment institutions, and UCITS are required to send prudential reports to DNB. For DNB, it is important that the quality of the data is good. To ensure better quality of prudential reporting, DNB has developed good practices.

The Guidance on Prudential Reporting for Investment Firms and Managers of Investment Institutions covers the following three topics:

  1. Overall governance and infrastructure: DNB provides good practices for both the overall governance structure and the data architecture and IT infrastructure.
  2. Processes for collecting legally required prudential data: DNB outlines good practices concerning the accuracy and integrity of processes in collecting data, the completeness and timeliness of the data, and adaptability.
  3. Accuracy, clarity, usability, frequency, and dissemination of prudential reports: DNB provides good practices regarding the collected data.

It is expected that these good practices will come into effect during 2024.

2. Lump sum revision law

Under the Lump sum revision law, RVU, and leave savings, all participants have the choice between receiving a lump sum payment:

(1) on the pension commencement date, or

(2) in February following the year in which the participant reaches the state pension age (‘deferred payment moment’).

Pension providers have indicated that the deferred payment moment creates disproportionate complexity for them regarding administration, communication, and decision support. As a result, the government has been requested to collaborate with pension providers (representatives) to examine which adjustments are necessary to reduce this complexity, decrease implementation costs, and improve understanding for the participant. These adjustments will be implemented through the Lump sum revision law.

The Lump sum revision law includes adjustments regarding two aspects:

  • The target group that may qualify for the possibility to defer the payment within the framework of equal treatment legislation and the feasibility of the scheme, and
  • Practical adjustments in the payout stream (the manner in which the pension is distributed over time).

The actual entry into force of the Act has been postponed several times. It is expected that the Act will come into force at the earliest by the end of 2024.

3. New consumer credit directive

On 20 November 2023, the revised European Consumer Credit Directive (CCD2) came into effect. The revised EU rules aim to better protect consumers when applying for credit. The new rules ensure that information about credits, such as total costs, is clear and understandable. Additionally, the revised directive includes an obligation for credit providers to assess the solvency of consumers.

The revised Consumer Credit Directive:

  • ensures that information about credits, such as total costs, is clear, understandable, and tailored for digital use;
  • contains stricter advertising rules to protect consumers with excessive debt from malpractices, and effective measures against excessive costs;
  • requires credit providers to assess the solvency of consumers to protect them from excessive debt;
  • expands the scope of the directive to loans of less than €200 and ‘buy now, pay later’ products;
  • grants consumers the right to terminate a credit agreement within 14 days, and grants former cancer patients the right to be forgotten.

The directive still needs to be implemented in national legislation. No draft bill has been consulted for this purpose yet. The rules will apply from 20 November 2026. On that date, the (old) Consumer Credit Directive (2008/48) will be repealed

4. Artifical Intelligence Regulation (AI Act)

The AI Regulation applies to anyone developing, placing on the market, or deploying AI. It regulates the following subjects:

  • harmonised rules for placing on the market, putting into service, and using AI systems in the EU.
  • prohibition of certain AI practices.
  • specific requirements for high-risk AI systems and obligations for operators of such systems.
  • harmonised transparency rules for certain AI systems.
  • harmonised rules for placing on the market of AI models for general purposes.
  • rules on market surveillance, market surveillance management, and enforcement.
  • measures to support innovation, with particular attention to small and medium-sized enterprises, including startups.

The regulation categorises AI systems into risk classes:

  1. Unacceptable risk,
  2. High risk, and
  3. Low risk.

The higher the risk, the stricter the requirements. Systems posing an unacceptable risk are prohibited, such as a system that compiles databases for facial recognition by indiscriminately scraping facial images from the internet or camera images.

High-risk systems relevant to financial institutions include:

  • AI systems used to assess the creditworthiness of natural persons or determine their credit scores, except for AI systems used to detect financial fraud.
  • AI systems used for risk assessment and pricing concerning natural persons in the case of life and health insurance.

The AI Regulation was adopted by the European Parliament on 13 March 2024. After the text is definitively approved, it will be published in the Official Journal. The obligations for companies and institutions will come into force two years later. However, AI systems posing an unacceptable risk must be withdrawn from the market within six months.

On 9 April 2024, DNB and AFM jointly published a report on “The Impact of AI on the Financial Sector and Supervision.” In it, they describe the starting points and focal points for shaping supervision of AI.

5. Accessibility directive

The Accessibility Directive contains provisions for the implementation of the UN Convention on the Rights of Persons with Disabilities. The aim of the Accessibility Directive is to improve the accessibility of a range of products and services for persons with disabilities or functional limitations by setting accessibility requirements.

The accessibility rules cover a wide range of products and services, including certain financial services. The financial institutions that will have to comply with the accessibility requirements are:

  1. Providers of mortgage or consumer credit;
  2. Investment firms providing investment services as referred to in sections a to d of the definition of ‘provision of an investment service’ as referred to in Article 1:1 of the Financial Supervision Act;
  3. Banks offering payment accounts (and associated facilities);
  4. Payment service providers providing payment services or electronic money institutions issuing electronic money.

Other financial services must also comply with the accessibility requirements. The new directive refers to “e-commerce services”. This means that the accessibility requirements also apply when services are provided to a consumer remotely, via websites, or based on mobile devices. For example, think of a company offering savings accounts through its online platform.

An exception is made for micro-enterprises (<10 employees) and also if the obligations would impose a disproportionate burden. But in that case, the company must substantiate this in writing, with lack of time, knowledge, and priority not being valid justifications.

What do the new rules entail?

  • There must be procedures to ensure that the services are accessible and remain so for persons with disabilities. For example, the company must ensure that information is understandable and available in more than one sensory way;
  • If a financial service does not comply with the accessibility requirements, the company must immediately take measures to bring the service into compliance with the applicable regulations. This must also be reported to the AFM;
  • The general terms and conditions must contain provisions indicating that the service complies with the accessibility requirements of the Accessibility Directive;
  • Information must be understandable (maximum B1 level), and information provided to consumers must be written in a maximum of B2 language level.

The Accessibility Directive and its implementing legislation must be implemented by 28 June 2025 and will apply from that date to new products and services. Existing products and services have a transition period of five years.

ESG Extended

Recently, we also offer the opportunity to easily and comprehensively understand ESG regulations that may not directly apply to you as a financial institution but are indirectly relevant. For example, if you are planning to invest in a ‘green project.’ A good overview of ESG regulations can help you make an informed decision. You will then be able to incorporate the ESG impact into your decision-making. Interested?


What other upcoming laws and regulations do you need to consider?

In our next Regulatory Update article, we will explain the following developments in more detail, among others:

  • Directive to strengthen consumer position for the green transition
  • Revision of PSD2 (PSD3 and PSR)

Request a tailored Regulatory update

We hope this article has given you an idea of the recent developments. Want to make sure you haven’t overlooked anything? Then you can request a tailor-made Regulatory Update (available in Dutch and English). You will then receive a comprehensive quarterly report with current affairs, legislative changes, regulatory publications and consultations. This report is fully tailored to your organisation and activities. The relevant developments are explained by our experienced consultants, and there is also an opportunity to ask questions, for example about ambiguities in the legislation.

With our Regulatory Update, you will be timely informed of upcoming legislative changes and will not be confronted with any surprises.

Our specialists discuss the possible impact on your organisation with you and help you think about possible next steps and their practical implementation. They can also help with an action plan for adapting policy and procedures, so you always remain in control. For more information, please feel free to contact us.