Managing large volumes of regulatory change can be overwhelming on wealth management firms and can distract from identifying and tracking the “big ticket” items. This article will help you navigate the change and focus specifically on those items that have tangible impact on wealth managers and private banks and deadlines spanning 2021 and 2022.
EMEA upcoming rules
EU Sustainable Finance Disclosure Regulation (SFDR) is part of an EU legislative package of:
Sustainable Finance Taxonomy Regulation (SFTR), and
Sustainable Finance Benchmarks Regulation (SFBR) with the first leg, namely the disclosure requirements due to apply from 10 March 2021.
The rules have a direct impact on EEA Wealth Management (WM) legal entities but also an indirect impact on non-EEA WM legal entities which market alternative investment funds into EEA or act as delegated investment manager to an in-scope EEA entity.
UK Onshoring: with the end of the Brexit transition period and the onshoring of key pieces of EU legislation into UK law, there have been a number of changes to the UK’s financial services framework. The challenge for the year ahead will be to navigate those changes and identify key publications.
CSSF Reg 20-05 amending 12-02 AML/CFT: These amendments, which came into effect in December 2020 introduce a number of changes to EDD, CDD, risk appetite, UBO declarations, PEP, and sanctions list screening. WM AML teams are expected to carry out a gap analysis with view to identifying and remedying gaps and updating policies and procedures.
EBA Loan Origination Guidelines: These rules aim to clarify the internal governance for the credit-granting process, specify requirements for the creditworthiness assessment of borrowers and set out expectations for the risk-based pricing of loans. For those private banks providing loans to clients, the respective Lending Solutions, Credit Risk and Credit Middle Office teams should start assessing the impact of these rules. The deadlines are:
30 June 2021: application date for newly originated loans and advances
30 June 2022: application date for existing loans and advances (granted before 30 June 2021) and advances that require renegotiation or contractual changes.
MiFID II: ESMA final guidelines on certain aspects of appropriateness and execution only (“XO”) requirements: ESMA is currently consulting on certain aspects of the appropriateness and XO requirements. ESMA feels there is currently insufficient convergence in the understanding and application of several areas of the appropriateness and execution-only requirements by firms in different Member States and often within Member States themselves.
ESMA leverages the existing Guidelines on MiFID II suitability requirements, while adjusting these to the appropriateness and XO framework. These guidelines will impact the private banks performing execution only trades. ESMA expects the final guidelines to be issued in Q3 2021, therefore firms are advised to perform a gap analysis against the rules set out in the consultation paper.
Revision FINMA Circular 2016/7 on video and online identification: FINMA is amending the due diligence requirements for clients onboarding via digital channels to take account of technological developments. To this end it is revising the Circular on “video and online identification” and holding a consultation to seek views from the market participants in February 2021.
The amendments, although not confirmed, are expected to kick in Q3 2021. For private banks, these rule changes should have a positive impact from the client experience and speed on onboarding perspective as long as they can support the technical aspect of it and implement an appropriate level of control.
ESMA final guidelines on outsourcing to cloud service providers (CSPs): these rules, which apply from 31 July 2021 to all new or renewed cloud outsourcing arrangements, carry new landscape on outsourcing to CSPs. The challenge facing private banks is that both the EBA and ESMA have issued guidelines on outsourcing, with latter focusing specifically on outsourcing to cloud service providers. Given some overlap with the guidelines and the differing implementation dates, private banks are encouraged to set up working groups (consisting of Operations, Legal, Compliance, Tech teams amongst others) to address these changes holistically.
Cross Border Distribution of Investment Funds Directive/Regulation: arguably these rules have a greater impact on asset management firms, however private banks are also impacted at the very least by the new marketing communications rules. Amongst a number of items to look out for, private banks should prepare for the upcoming ESMA final guidelines on marketing communications which are due to be released in August 2021.
MIFID II/R quick fix: In December 2020, EU Parliament approved the “quick fix” changes proposed by Commission. The MiFID II/R quick fix is designed to make targeted amendments to MiFID II/R to help facilitate the European economic recovery from COVID-19. The goal is to remove unnecessary regulatory burden on firms. Member States will have 12 months to transpose the revised provisions to their national legal frameworks.
DIFC Data Protection Act: published in July 2020 and took effect in October 2020, this new regulation aims to modernise and harmonise data protection within the Dubai International Financial Centre (DIFC) and is heavily aligned to the principles and concepts of EU GDPR.
This rule will affect your business in so far as your EMEA or Asia based Relationship Managers travel to or engage with Dubai clients. If your entity is already EU GDPR compliant then DIFC rules will not add much to your existing processes, however if your entity is not EU GDPR compliant (e.g., Asia business), then you may need to amend your privacy notices used cross-border when engaging with Dubai.
PRIIPS KID replaces UCITs KIID: existing UCITs KIID will be replaced by the new PRIIPS KID and fund houses will have to produce PRIIPS KID from 1 January 2022. This change would have a considerable impact on asset management industry, however the impact on private banks should not be underestimated. At the very least wealth managers will have to amend Fund Agreements to reflect new documentation requirements as well as amending marketing / internal websites and storage/systems to remove references to the expired UCITS KIIDs.
Amendment of AIFMD regime rules: ESMA published recommendations to the EC for wide ranging reforms of AIFMD regime. ESMA suggests greater harmonisation of UCITS and AIFMD rules. It is unclear at this stage which reforms might be considered and reforms, if any, will be released in 2022.
Revised Swiss Federal Act on Data Protection (FADP): Swiss Legislature is working on revising the existing Federal Act on Data Protection (FADP). It is an uplift to the existing Swiss data protection rules to align with EU GDPR standards.
CSDR (Central Securities Depositary Regulation): this is one of the key regulations adopted in the aftermath of the financial crisis, with a view to improving the functioning and stability of financial markets. Implementation delayed to February 2021. In December 2020, the EU Commission has recently issued a targeted consultation to gather views on the implementation of the CSDR. Wealth managers should form working groups to address these rules changes early on.
EMIR Refit (Trade repository reporting part): In December 2020, ESMA published its final report on draft regulatory technical standards (RTS) and implementing technical standards (ITS) on reporting requirements, data quality, data access and registration of trade repositories. The rules kick in mid-2022, however as these will affect the format and the way in which your Operations teams report to trade repositories, it is an opportune moment for wealth managers to start performing an initial business analysis. From the initial analysis, the new rules have increased the total reportable fields from 129 to 203, with some of the original 129 fields being retired and some existing fields being renamed or assigned to new sections.
UK specific PRIIPS KID: in October 2020, the Financial Services Bill was introduced to the House of Commons. The Bill will make amendments to the UK PRIIPS Regulation regime and will give the FCA the power to stipulate what information should be provided in the PRIIPS KID. This leaves international private banks with an unenviable task of navigating through different PRIIPS KIDs content rules depending on the country. The full impact is yet to be determined.
EC Digital Operational Resilience (DORA): in September 2020, the EC published its draft regulation on digital operational resilience for the EU financial services sector. The new rules focus on firms’ control frameworks on ICT risks and will require firms to implement ICT related incident management process.
At the same time UK FCA has been consulting on changes to how firms approach their operational resilience (FCA Operational Resilience CP19/32). The new rules are expected to be published in Q1 2021 but to be implemented by Q1 2022.
APAC upcoming rules
MAS technology risk management final Guidelines: MAS issues revised Technology Risk Management Guidelines to keep pace with the emerging technologies and shifts in the cyber threat landscape. The Guidelines are effective from the date of issuance (18 January 2021). The Guidelines set out enhanced risk mitigation strategies for financial institutions to establish robust processes for timely sharing of cyber threat intelligence and conduct cyber exercises to stress test cyber defences. Financial institutions are expected to conduct a gap analysis.
PDPC (Personal Data Protection Commission) amendments to Personal Data Protection Act (PDPA): effective 1 February 2021, PDPC announced a number of changes to the Act including introduction of mandatory breach notification to the PDPC, introduction of “legitimate interest exception” to allow organisations to collect personal data without consent and introduction of data portability obligation.
HKMA mandatory reference checking (MRC) scheme: these cover disclosure rules in relation to ongoing investigation of employees, rules on exchanging employee reference amongst firms, duration of MRC information (shortened duration to 7 years) and length of time to respond to MRC request. HKMA is currently consulting on the rules and is expected to release final rules in Q1/Q2 2021, although HKMA has not confirmed on the dates.
MAS Notice on management of outsourced relevant services: in December 2020/January 2021, MAS consulted on a proposed notice to Bank on management of outsourced relevant services. The final rules are expected, although not confirmed by MAS, in Q2/Q3 2021. Wealth managers will be required to maintain a register of all ongoing outsourced relevant service providers; the register will also need to be submitted to MAS at least semi-annually or upon request. The Regulators globally have been focusing on outsourcing rules. For global private banks, it is worth looking at these rules centrally as part of one working group/project as requirements mostly will carry a similar message.
MAS Notice 643 transactions with related parties: The Notice, which takes effect in July 2021, seeks to minimise the risk of abuse arising from conflicts of interest in firms transactions in Singapore with their related parties. Subject to specified exceptions, every bank in Singapore is required to establish and implement policies and procedures for the purposes of identifying every person in relation to whom a conflict of interest may arise, ensuring terms and conditions provided to related parties are not more favourable than to non-related parties and setting out certain materiality thresholds.
MAS 610 on trade/assets reporting: The Notice, which takes effect in July 2021, requires all banks in Singapore to submit to MAS monthly statement of assets and liabilities, monthly return on forex business transacted and quarterly return on classified exposures and collateral.
MAS Guidelines on individual accountability and conduct: MAS issued the guidelines, which take effect in September 2021, focusing on the measures financial institutions should put in place to promote the individual accountability of senior managers, strengthen the oversight of material risk personnel, and reinforce standards of proper conduct among all employees.
MAS introduced risk mitigation rules (“RMRs”) for non-centrally OTC derivatives contracts: this item has a particular focus on institutions dealing with private banking clients given that the RMRs apply not only to dealings with expert investors (“EIs”) and institutional investors (“IIs”) but also accredited investors (“AIs”) as well. RMRs apply when an in-scope entity deals in OTC derivative contracts with AIs/EIs/IIs which are booked in Singapore.
The new rules require impacted entities to establish policies and procedures on written trading relationship, disclosure of material terms as soon as practicable after trade execution, set out material terms which should be highlighted in the trading relationship documentation and sets timeframes by which trade confirmations should be executed. If you have not done so already, this is an opportune moment to start engaging with your teams including Operations and Legal teams. The implementation date of 8 October 2021 is fast approaching.
SFC revised guidelines on competency framework: In January 2021, SFC was consulting on proposed enhancements to the competency framework. The key proposals cover raising minimum academic qualification requirements for individuals, enhance the competence requirements for Type 6 licensed individuals and enhancements to the Continuous Professional Training (CPT) guidelines. SFC propose to implement the revised guidelines at least six months after their publication and in any even no earlier than 31 Dec 2021.
MAS Notice on best execution: in September 2020, MAS issued a Notice and Guidelines setting out requirements to establish written policies and procedures on best execution, setting systems and processes on monitoring compliance with best ex and client disclosure requirements prior to executing orders. Financial institutions have until March 2022 to comply with these requirements. This is an opportunity to discuss these rules with your wealth markets team and traders but also an opportunity to revisit and question of which team within private bank should own the Best execution policy.
MAS issued guidelines on environmental risk management: the aim of these regulations is to enhance financial institutions’ resilience to environmental risk and also to transition to an environmentally sustainable economy. The guidelines cover governance and strategy namely the designation of senior manager to oversee environmental risk, setting risk management framework and an annual disclosure of approach to managing environmental risk.
SFC OTC securities transactions reporting regime: SFC is consulting on the rules to impose reporting obligations on Regulated Intermediaries when the Regulated intermediary (whether as principal or agent) makes a transfer of shares that is affected by an OTC securities transaction. The proposals aim to enhance Hong Kong’s market surveillance practices. The rules are expected to go live in Q3 2022.
SFC investor identification regime (IIR): currently, Stock Exchange of Hong Kong’s (SEHK’s) trading system only captures information about exchange participants but not the identities of ultimate beneficial owners (UBOs). SFC is consulting on rules whereby each on-exchange securities order and off-exchange trade reported to SEHK will be tagged with a broker-client assigned number (“BCAN”) which is unique to each client. Firms have to submit client identification data and BCAN information by T+1 into a designated file format to central data repository. The rules are expected to go live in Q1 2022.
SFC rules on management and disclosure of climate risks by Fund Managers: SFC is currently consulting on new requirements for fund managers to take climate related risks into consideration in their investment and risk management process as well as to make appropriate disclosures to meet investors’ demand for climate risk information. The Consultation paper focuses on 4 elements, namely governance, investment management, risk management and disclosure. The new rules apply to all SFC licensed fund managers which manage any funds (private or retail). SFC made clarified that the new rules would not apply to discretionary managers which manage discretionary accounts in the form of investment mandate. Upon issuance of final rules, SFC expect all fund managers to comply within 12 months.
Globally Applicable Rules
SEC (US Securities and Exchange Commission) security-based swap dealer (SBSD) registration: any entity globally with US links that transacts over a certain volume of securities-based swaps will be required to register as a securities-based swap dealer (SBSD) and comply with a range of obligations at the entity level and the transaction level.
LIBOR replacement: the London Interbank Offered Rate (LIBOR) is being replaced. Currently the benchmark for over US$350 trillion in financial contracts worldwide, the impact of the transition from LIBOR will be far-reaching for financial services firms, businesses, and customers alike. Given the scope of the impact, planning for this transition must start now and begin with a comprehensive strategy.