Regulatory Changes, Financial Markets – Week 23

Regulatory Alerts

In this blog, we provide a comprehensive summary of the most recent regulatory changes in the financial services industry, spanning across banking, insurance, and investment sectors. We delve into a diverse array of regulations, consultations, and policy initiatives introduced by both national and international bodies. These updates reflect the ongoing transformation of regulatory frameworks designed to address emerging challenges and seize new opportunities.

Business Line



Rule/ Regulation



European Union


New Framework for Operational Risk in CRR3

The European Banking Authority (EBA) has released a consultation paper detailing amendments to the operational risk framework under the CRR3, replacing all previous approaches for calculating regulatory capital with the Business Indicator Component (BIC). This revised framework mandates institutions with a Business Indicator (BI) above EUR 750 million to maintain a comprehensive loss data set over a ten-year period. The EBA has issued three key draft regulatory technical standards (RTS) within this consultation: the first establishes a risk taxonomy for operational risk, the second defines the conditions under which calculating annual operational risk loss is considered ‘unduly burdensome’, and the third specifies how institutions should adjust their loss data sets following mergers or acquisitions. These standards aim to ensure a consistent and detailed approach to managing operational risks across the European financial sector, enhancing data accuracy and regulatory compliance. The consultation, open until September 6, 2024, seeks feedback on the proposed technical standards, which are expected to be finalized by the end of 2024.

European Union


Governance Framework for Crypto-Assets Under MiCAR

The European Banking Authority (EBA) has published a comprehensive set of regulatory guidelines and standards under the Markets in Crypto-Assets Regulation (MiCAR) to bolster governance, manage conflicts of interest, and structure remuneration policies for crypto-asset issuers. Released on June 6, 2024, the package includes guidelines on governance arrangements for issuers of asset-referenced tokens (ARTs), detailing responsibilities and risk management processes. Additionally, the EBA issued final draft Regulatory Technical Standards (RTS) on remuneration policies for significant ART and e-money token (EMT) issuers, promoting sound risk management and cross-sectoral consistency. Another RTS mandates effective conflict of interest policies for ART issuers, particularly focusing on asset reserves. Developed in collaboration with the European Securities and Markets Authority (ESMA) and the European Central Bank (ECB), these measures aim to create a transparent and secure regulatory environment for the evolving crypto-assets market.

European Union

European Union

Recovery and Resolution Regulations for Financial Services

On June 4, 2024, the Malta Financial Services Authority (MFSA) announced the Recovery and Resolution (Amendment) Regulations, 2024, aimed at enhancing the regulatory framework for financial institutions. These amendments, enacted under the powers of the Malta Financial Services Authority Act, implement key provisions from EU regulations to improve the prudential treatment of global systemically important institutions (G-SIIs) and ensure effective loss-absorbing and recapitalization capacities. Significant changes include revised asset threshold requirements, updated conditions for retail client investments, and enhanced coordination among resolution entities within the EU. These updates aim to strengthen financial stability and ensure consistent application of resolution strategies across member states.

European Union


Final Report on Greenwashing

The European Securities and Markets Authority (ESMA) has released its Final Report on greenwashing, responding to the European Commission’s request for input on the risks and supervision of sustainable finance policies. The report highlights the divergences in greenwashing definitions and practices across the EU, outlining the roles of supervision in mitigating these risks. Key recommendations include enhancing supervisory capacities, leveraging technology like SupTech tools, and increasing the scrutiny of sustainability-related claims. The report underscores the importance of consistent and effective supervision to protect investors and maintain market integrity in the face of greenwashing.

European Union


Opinion on Swedish Accreditation Requirements for Certification Bodies

The European Data Protection Board (EDPB) has published its opinion on the draft decision by the Swedish Supervisory Authority (SE SA) concerning the accreditation requirements for certification bodies under the General Data Protection Regulation (GDPR). The opinion emphasizes the need for a harmonized approach across the EU to ensure consistency and trust in the certification process. The EDPB provided several recommendations to refine the draft requirements, such as clarifying the terms “risk analysis” and “impact assessment,” ensuring full transparency in the certification process, and enhancing the independence and impartiality of certification bodies. These improvements aim to uphold high standards in the accreditation process, thereby strengthening data protection practices across the EU.

European Union


Orientations on Generative AI and Data Protection Compliance

The European Data Protection Supervisor (EDPS) has issued its first orientations on ensuring data protection compliance when using generative AI systems. These guidelines are aimed at EU institutions, bodies, offices, and agencies (EUIs) to help them navigate the processing of personal data in compliance with Regulation (EU) 2018/1725. The orientations emphasize the application of general data protection principles to generative AI systems, highlighting the importance of data minimization, accuracy, and lawful processing. They also stress the need for transparency and the safeguarding of individuals’ rights, including the right to access, rectify, and erase personal data. Additionally, the orientations provide practical advice on conducting Data Protection Impact Assessments (DPIAs) and ensuring data security throughout the AI system’s lifecycle.



Interoperability Guidance for ESRS and ISSB Standards

The International Sustainability Standards Board (ISSB) and the European Commission, along with EFRAG, have released joint interoperability guidance to enhance the alignment between the European Sustainability Reporting Standards (ESRS) and the IFRS Sustainability Disclosure Standards (ISSB Standards). This guidance focuses on achieving a high degree of alignment, particularly in climate-related reporting, and provides a framework for entities to comply with both sets of standards seamlessly. Key aspects include the alignment of financial materiality definitions, common defined terms, and harmonized climate-related disclosure requirements. The document outlines general reporting requirements and specific instructions for entities starting with either ESRS or ISSB Standards to ensure comprehensive compliance. This effort aims to streamline reporting processes and increase efficiency for entities adhering to both frameworks.

United Kingdom


Updated Guidance on Data Protection Impact Assessments (DPIAs)

The Information Commissioner’s Office (ICO) has released updated guidance on conducting Data Protection Impact Assessments (DPIAs) under the UK GDPR and the Data Protection Act 2018. DPIAs are crucial for identifying and mitigating risks associated with data processing activities, especially those likely to impact individuals’ rights and freedoms significantly. The revised guidance aligns with the European Data Protection Board’s opinion and includes detailed steps on when and how to perform DPIAs, highlighting their necessity for high-risk processing activities such as systematic profiling and large-scale processing of sensitive data. Organizations must follow these steps to ensure compliance and protect personal data effectively. The guidance remains subject to updates, so continuous monitoring of the ICO website is recommended.


Czech Republic


CNB Adjusts Capital Buffers Amid Systemic Risk Concerns

In response to evolving systemic risks, the Czech National Bank (CNB) has opted to maintain the upper limit on loan-to-value (LTV) ratios for mortgage lending while deactivating upper limits on debt service-to-income (DSTI) and debt-to-income (DTI) ratios. Additionally, the CNB extends its Recommendation on risk management to cover all consumer credit for housing, aiming to enhance risk mitigation across the lending landscape. Notably, the Bank Board’s decision to reduce the countercyclical capital buffer (CCyB) rate to 1.25% and set the systemic risk buffer (SyRB) rate at 0.5% underscores a strategic move to fortify the banking sector against structural vulnerabilities within the Czech economy. Stress test outcomes highlight the sector’s resilience, but concerns persist regarding potential impacts of structural risks, prompting proactive measures to bolster financial stability. With a detailed Financial Stability Report slated for release later this month, the CNB continues its vigilance in safeguarding the robustness of the financial system amidst a dynamic economic landscape.

European Union

European Union

Enhanced Requirements for Reporting Minimum Capital and Eligible Liabilities

The European Commission has introduced Implementing Regulation (EU) 2024/1618, amending the previous Implementing Regulation (EU) 2021/763 to enhance the supervisory reporting and public disclosure requirements regarding the minimum requirement for own funds and eligible liabilities (MREL) and the Total Loss-Absorbing Capacity (TLAC). This regulation mandates intermediate entities within a resolution group to deduct holdings of their own funds and eligible liabilities instruments issued by other entities in the same group from their compliance calculations for internal MREL and TLAC. Additionally, the regulation specifies detailed templates and instructions for reporting and public disclosure, ensuring uniformity and transparency across the EU. The changes are aimed at bolstering financial stability and ensuring accurate and comprehensive data reporting to supervisory and resolution authorities, effective from December 27, 2024.



Divergences in Virtual IBAN Issuance and Regulation Across EU

The European Banking Authority (EBA) has released a comprehensive report shedding light on the issuance and regulation of ‘virtual IBANs’ (vIBANs) across the European Union. Notably, the report underscores the lack of a common definition for vIBANs, leading to varying industry practices and divergent interpretations of regulatory requirements among national authorities. These disparities pose challenges concerning anti-money laundering and terrorist financing, consumer protection, and regulatory arbitrage. By outlining the characteristics, use cases, benefits, and associated challenges of vIBANs, the EBA aims to address regulatory uncertainties and promote consistency in supervisory practices. The report offers recommendations for clarifying EU law and enhancing national authorities’ capabilities to oversee vIBAN issuance effectively. Leveraging its mandate under Regulation (EU) 1093/2010, the EBA draws on multiple sources, including its opinion on ML/TF risks in the EU financial sector and insights from national competent authorities and payment service providers.

South Africa

Reserve Bank

Proposed Directive on the Prudential Treatment of Distressed Restructured Credit Exposures

The South African Reserve Bank (SARB) has issued a proposed directive under section 6(6) of the Banks Act 94 of 1990, aimed at enhancing the prudential treatment and reporting of distressed restructured credit exposures. This directive mandates banks, including branches of foreign institutions and controlling companies, to implement consistent systems for identifying and managing distressed credit exposures. Key aspects include defining and reporting distressed restructures, ensuring alignment with International Financial Reporting Standards (IFRS) 9, and clarifying the interpretation of Regulation 67. The directive outlines indicators of financial distress, establishes criteria for rehabilitation, and specifies the probation period for restructured exposures. Furthermore, it emphasizes the responsibility of banks’ boards and senior management to ensure compliance and effective oversight of distressed credit exposures. The SARB invites comments on this directive by July 19, 2024, to ensure a robust framework for managing and reporting distressed restructured credit exposures in the banking sector


United Kingdom


Reform of the Matching Adjustment under Solvency II

The Bank of England has issued Policy Statement 10/24 (PS10/24), detailing significant reforms to the Matching Adjustment (MA) under Solvency II, aimed at enhancing investment flexibility and improving risk management for insurers. Effective from June 30, 2024, the reforms include broadening asset eligibility criteria to incorporate assets with highly predictable cash flows and removing limits on sub-investment grade assets. The updated regulations also introduce new controls to ensure cash flow matching quality, refine the fundamental spread (FS) additions for assets with non-fixed cash flows, and streamline the MA application process. Additionally, firms are now required to provide attestations on MA benefits and comply with updated reporting requirements. These changes aim to encourage investments in long-term productive assets while maintaining high prudential standards and enhancing protection for policyholders


European Union


Discussion Paper on Investment Firms Prudential Framework

On June 3, 2024, the European Banking Authority (EBA) and the European Securities and Markets Authority (ESMA) published a discussion paper in response to the European Commission’s Call for Advice (CfA) on the investment firm’s prudential framework. The paper, aiming to enhance the Investment Firms Regulation (IFR) and Investment Firms Directive (IFD), addresses key areas such as the categorization of investment firms, the adequacy of prudential requirements, and interactions with other regulations, including the Banking Package (CRR3/CRD6). It proposes refining thresholds for classifying investment firms, enhancing definitions and calculations of K-factors, and considering the impact of crypto-assets on investment activities. Additionally, the paper discusses liquidity requirements, prudential consolidation, and remuneration policies. The EBA and ESMA invite public consultation responses by September 3, 2024, with a final report to be submitted by December 2024.



Guidelines on Money Market Fund Regulations

The Autorité des Marchés Financiers (AMF) has released comprehensive guidelines concerning the regulation of money market funds (MMFs). Document DOC-2018-05, created on June 14, 2018, and updated on June 4, 2024, delineates requirements pertaining to crisis simulation scenarios and reporting obligations to competent authorities. Aligned with directives from the European Securities and Markets Authority (ESMA), the AMF emphasizes the need for standardized crisis simulation practices to address liquidity, credit risk, interest rate fluctuations, and macroeconomic shocks. Additionally, the guidelines outline reporting protocols in accordance with EU regulations, aiming to foster consistency and transparency in MMF operations. These updates mark a significant step in enhancing regulatory clarity and promoting sound financial practices within the money market fund sector.


ASF Romania

Romania Updates ASF Regulation No. 16/2014

The Financial Supervisory Authority (ASF) of Romania has announced updates to Regulation No. 16/2014, effective from June 2024. The modification focuses on refining the regulations governing investment firms, particularly enhancing transparency and operational guidelines. Key amendments include improved reporting requirements, enhanced investor protection measures, and stricter compliance standards for investment firms. These changes aim to align Romania’s financial regulatory framework with European standards, promoting a more secure and transparent investment environment. The ASF’s initiative is part of a broader effort to bolster the integrity and efficiency of the financial market in Romania.



New Guidelines for Fund Management Companies

The Monetary Authority of Singapore (MAS) has issued updated guidelines on the licensing, registration, and conduct of business for Fund Management Companies (FMCs), effective June 2024. These guidelines aim to enhance the regulatory framework, ensuring FMCs adhere to stringent operational standards. Key updates include refined criteria for licensing and registration, emphasizing substantive fund management activity within Singapore, and reinforced requirements for fit and proper assessments of FMC personnel. Additionally, the guidelines introduce detailed compliance arrangements, mandating independent and dedicated compliance functions for Retail Licensed FMCs (LFMCs) and appropriate measures for mitigating conflicts of interest. The MAS also stipulates rigorous anti-money laundering (AML) and counter-terrorism financing (CFT) protocols, alongside new reporting obligations for misconduct. These revisions seek to bolster investor protection and maintain the integrity of Singapore’s financial market​.

United States


SEC Amends Regulation S-P to Enhance Customer Information Protection

The Securities and Exchange Commission (SEC) has adopted amendments to Regulation S-P, significantly enhancing requirements for safeguarding customer information and responding to data breaches. These amendments mandate brokers, dealers, investment companies, registered investment advisers, funding portals, and transfer agents to establish written policies and procedures for incident response programs addressing unauthorized access to customer information. This includes timely notification to affected individuals within 30 days of identifying a breach. The scope of the regulation has also been broadened to cover more types of information, ensuring robust protection and proper disposal of customer records. The amendments, effective from August 2, 2024, aim to align with technological advancements and increased cybersecurity risks, thereby reinforcing consumer data protection in the financial sector​.

FinregE helps firms navigate the constantly changing regulatory environment with its advanced horizon scanning and change management solutions. Utilizing state-of-the-art technology, FinregE delivers timely insights into regulatory updates and upcoming compliance requirements. This proactive strategy allows organizations to stay ahead of regulatory trends and manage compliance risks effectively. Schedule a demo today.

Downloads Alert