With the help of compliance software Ruler, Projective Group closely monitors the developments in financial legislation. We determine the impact of upcoming changes and translate them into the daily practice of our clients.
Which developments should you take into account? Every quarter, we provide a structured overview of the regulatory changes and their consequences for financial institutions in our Regulatory Updates. In this blog, we list a number of focus areas for Q3 2023.
The standard model for information provision for premium pension institutions and pension insurers has been modified. The new standard model was established on April 4, 2023. The main improvements are as follows:
The new model will come into effect on September 1, 2023.
In 2022, the European Banking Authority (EBA) consulted on a proposal for standardised information requirements to support the sale of non-performing loans (NPLs). After the consultation, the EBA submitted a draft of these standardised information requirements to the European Commission (EC).
The consultation involved proposing technical implementation norms (ITS) to establish the requirements for providing information to potential buyers of NPLs. The information includes details about:
The draft ITS also consider the principle of proportionality by setting different information requirements depending on the size of the NPL, specifying mandatory and non-mandatory data fields, and considering a different scope of data fields related to the nature of the borrower (individual or corporation) and the loan (secured or unsecured). The goal of these ITS is to improve the functioning of the secondary markets for NPLs.
The EC must adopt and publish the draft ITS, which will come into effect 20 days after the publication. The expectation is that the implementation regulation will come into effect in the second half of 2023.
Between December 2022 and February 2023, the EBA consulted on guidelines for effective management of anti-money laundering and counter-terrorism financing risks when providing access to financial services. Shortly after the consultation, on March 31, 2023, the banking authority published the new guidelines.
The EBA aims to ensure that customers of AML/CFT institutions are not denied access to financial services without valid reasons.
With these guidelines, the EBA aims to ensure that customers of AML/CFT institutions, particularly the most vulnerable, are not denied access to financial services without valid reasons. The guidelines address situations where (vulnerable) clients may not be able to present traditional forms of identity documents for valid reasons and how institutions should handle such cases. It also outlines the steps institutions should take when considering refusing or terminating a business relationship based on ML/TF risk. AML/CFT institutions dealing with vulnerable customers must assess whether their internal processes need to be adjusted.
The guidelines need to be translated and will come into effect three months after their publication. This is expected to be by the end of 2023 or early 2024.
In late 2021, the EC proposed a revision of the Alternative Investment Fund Managers Directive (AIFMD), which also includes changes to the Undertakings for the Collective Investment in Transferable Securities (UCITS) Directive.
Negotiations on the final regulations were ongoing at the beginning of the year. According to the AIFMD, a manager may not operate an alternative investment fund or offer its units to investors without a licence. The requirements for such a licence are stringent. While the existing AIFMD achieves its objectives, the EC believes that it can be improved. The EC evaluated the AIFMD and intends to amend it, focusing on:
Requirements from the AIFMD and the UCITS Directive will also be more harmonised.
The revised AIFMD and UCITS Directive will come into effect no earlier than mid-2025, taking into account national implementation.
On November 28, 2022, the Council adopted the Digital Operational Resilience Act (DORA). There are already (European) rules regarding cyber risks, but they are limited and fragmented, leading to inconsistencies in legislation between member states and unnecessary costs. With DORA, the EC aims to implement a unified legislative framework.
DORA will impose requirements on financial organisations regarding IT risk management, IT incidents, periodic tests of digital resilience, and risk management when outsourcing to (critical) third parties. These requirements will be tailored based on the size, risk profile, and system importance of individual organisations.
On June 19, 2023, the first set of draft technical standards under DORA was submitted for consultation by the ESA’s (European Supervisory Authorities) (four draft RTS and one draft ITS). This consultation period runs until September 11, 2023:
These technical standards aim to provide a consistent and harmonised legal framework for ICT risk management, reporting of severe ICT-related incidents, and ICT risk management by third parties. A total of 13 delegated regulations will be introduced.
The lower (level 2) regulation is expected to be applicable from 2025.
In our next Regulatory Update article, we will explain the following developments in more detail:
Do you want to make sure not to overlook any developments? Then you can request a tailor-made Regulatory Update.
We hope this article has given you an idea of the regulatory changes in Q3 2023. Do you want to make sure not to overlook any developments? Then you can request a tailor-made Regulatory Update (available in Dutch and English). Each quarter you will receive a comprehensive report with current developments, legislative changes, publications by regulators and consultations. This report will be fully tailored to your organisation and activities. This way, you will never be faced with unpleasant surprises.
Established in 2006, Projective Group is a leading Financial Services change specialist. With deep expertise across practices in Data, Payments, Transformation and Risk & Compliance.
We are recognised within the industry as a complete solutions provider, partnering with clients in Financial Services to provide resolutions that are both holistic and pragmatic. We have evolved to become a trusted partner for companies that want to thrive and prosper in an ever-changing Financial Services landscape.