This week’s blog offers a comprehensive look at the latest regulatory updates affecting financial and digital markets globally. We delve into significant changes introduced by various authorities, highlighting new rules and guidelines designed to enhance transparency, compliance, and resilience across sectors. Our coverage includes finalised reporting requirements for digital asset transactions, cybersecurity guidelines for financial technology innovators, and updates to insurance and financial instrument regulations. These developments reflect the dynamic nature of the global regulatory environment, providing valuable insights for organizations to stay compliant and adapt to new standards effectively.
Business Line | Country | Regulator | Regulation/ Update | Summary |
All | Chile | CMF | Public Consultation on Governance, Risk Management, and Capital Requirements | On July 8, 2024, the Comisión para el Mercado Financiero (CMF) initiated a second public consultation for new regulatory proposals aimed at entities in the securities market and technology-based financial service providers. These proposals encompass comprehensive governance and risk management guidelines, including operational risk management for securities intermediaries and product brokers. The framework extends to include a methodology for evaluating risk management quality, potentially influencing requirements for minimum capital, guarantees, debt, and liquidity. Additionally, new minimum capital requirements based on risk-weighted assets are proposed for stock exchanges, general fund administrators, and portfolio managers, as well as intermediaries and product brokers. The public consultation remains open until August 22, 2024, inviting feedback on these pivotal regulatory changes. |
European Union | EBA | The European Supervisory Authorities (ESAs) released a consultation paper outlining draft guidelines under Article 97(1) of the Markets in Crypto-Assets Regulation (MiCAR). These guidelines provide templates for explanations and legal opinions necessary for the regulatory classification of crypto assets. MiCAR, effective from December 30, 2024, mandates comprehensive regulatory requirements for asset-referenced tokens (ARTs), e-money tokens (EMTs), and other crypto-assets within the EU. The proposed guidelines include a standardized test for determining whether a crypto asset falls within the scope of MiCAR, ensuring consistent application across Member States. The consultation invites feedback until October 12, 2024, emphasizing the importance of clear, evidence-based responses to facilitate effective regulatory compliance. | ||
Israel | GOV.IL | The Israeli Privacy Protection Authority (PPA) released a draft public statement inviting comments on its interpretation of Regulation 2(4) of the Privacy Protection Regulations (Transfer of Data Abroad), 2001. This regulation allows the transfer of personal data from Israel to other countries if the recipient agrees to adhere to data protection standards equivalent to those in Israel, with necessary adjustments. The PPA’s draft focuses on defining these “necessary adjustments” to ensure adequate protection when data is transferred internationally. The PPA clarified that subjective claims by data recipients regarding organizational or personal constraints are not sufficient to exempt them from these obligations. Public comments are welcomed until August 8, 2024, at 12:00 PM, providing stakeholders an opportunity to influence the final interpretation of these crucial data protection provisions. | ||
Luxembourg | CSSF | Luxembourg Publishes “DORA Law” to Enhance Financial Sector Resilience | Luxembourg’s national “DORA Law” was published in the Official Journal on July 1, 2024 following unanimous adoption in June, marking significant progress towards a more resilient financial sector in the country. Effective from January 17, 2025, this law empowers national authorities, specifically the CSSF and CAA, with the necessary supervisory and investigative powers to enforce the EU’s DORA Regulation, which is directly applicable across the European Union. The DORA Law also transposes related directives into Luxembourg law, making specific amendments to national laws to ensure consistency with DORA’s operational digital resilience requirements. The CSSF has advised financial entities to prepare for DORA compliance by January 2025 and to stay informed via the DORA page on the CSSF website, which is regularly updated with relevant information. | |
Singapore | MAS | In July 2024, MAS published comprehensive guidelines on risk management practices and internal controls to aid financial institutions in establishing robust frameworks for managing risks and ensuring operational integrity. The guidelines emphasize the importance of a strong control environment, outlining essential policies and procedures, a code of conduct, and the delegation of authority. They also highlight the necessity for proper segregation of duties, internal audits, compliance functions, and staff training. Business process controls, including customer dealings, due diligence, and asset valuation, are detailed to promote transparency and accountability. These guidelines are designed to help institutions safeguard against unauthorized transactions, fraudulent activities, and reputational risks while ensuring adherence to regulatory requirements. | ||
Turkey | KVKK | Turkey’s Personal Data Protection Authority published new regulations detailing the procedures and principles for transferring personal data abroad, as stipulated in Article 9 of the Personal Data Protection Law No. 6698. Effective immediately, these regulations apply to data controllers and processors involved in cross-border data transfers. They outline stringent conditions under which personal data may be transferred, including the necessity for an adequacy decision or appropriate safeguards such as binding corporate rules or standard contractual clauses. The regulations emphasize compliance with data protection principles and the need for robust technical and administrative measures to ensure data security. These measures aim to harmonize Turkey’s data protection standards with international norms and enhance the protection of personal data during international transfers. | ||
Banking | Australia | APRA | APRA Finalizes Interest Rate Risk in the Banking Book (IRRBB) Requirements | On July 8, 2024, the Australian Prudential Regulation Authority (APRA) announced the finalization of revised prudential standards and guidelines for managing Interest Rate Risk in the Banking Book (IRRBB) for authorized deposit-taking institutions (ADIs). Following extensive consultations, including a final round in December 2023, APRA’s updated Prudential Standard APS 117 will take effect from October 1, 2025. The revisions aim to address lessons from recent international banking crises, improve governance and risk measurement standards, and simplify the IRRBB framework. While the changes primarily affirm existing requirements for smaller ADIs, larger ADIs will benefit from reduced volatility and more consistent IRRBB capital charge calculations. APRA has also clarified expectations on shareholders’ equity maturity profiles and made minor adjustments to the IRRBB capital charge formula for consistency. The current APS 117 will remain effective until the new standard is implemented. APRA encourages ADIs to start aligning with the revised guidelines ahead of the official enforcement date. |
Global | BIS | Basel Committee’s Consultative Document on Third-Party Risk Management Principles | The Basel Committee on Banking Supervision issued a consultative document titled “Principles for the Sound Management of Third-Party Risk,” open for public comment until October 9, 2024. This document proposes comprehensive principles to guide banks in managing risks associated with third-party service providers (TPSPs), addressing the evolving landscape of digitalisation and increasing reliance on TPSPs. The principles cover governance, risk management, strategy, risk assessment, due diligence, contracting, onboarding, ongoing monitoring, and termination of TPSP arrangements. Emphasizing the importance of operational resilience, the guidelines are designed to enhance banks’ ability to withstand and recover from disruptions, promoting a standardized approach to third-party risk management across the global banking sector. | |
Israel | BOI | Draft Directive on IT Risk Management, Information Security, and Cybersecurity | The Israeli Banking Supervision Department released a draft directive titled “Management of IT Risks, Information Security, and Cybersecurity.” This comprehensive directive outlines the principles and procedures for banks to manage technology and cybersecurity risks effectively. It emphasizes the integration of information technology (IT) risk management within overall business activities, underscoring the critical role of accurate and secure information in banking operations. Key aspects include the establishment of governance frameworks, assignment of responsibilities to senior management and board members, and the development of robust IT strategies aligned with the institution’s risk appetite. The directive also mandates regular risk assessments, incident management protocols, and continuous monitoring to enhance operational resilience and data protection against cyber threats. The public is invited to submit comments on the draft directive by August 8, 2024, ensuring a collaborative approach to fortifying the financial sector’s cybersecurity posture. | |
Japan | JFSA | Results of Public Comments on Revisions to Supervision Guidelines for Major Banks | The Financial Services Agency (FSA) of Japan announced the publication of the results of public comments on the proposed revisions to the “Comprehensive Guidelines for Supervision of Major Banks, etc.” The draft revisions were open for public comment from May 24 to June 24, 2024, and garnered 10 comments from both individuals and organizations. The amendments focus on enhancing the clarity and effectiveness of financial measures required during disasters or potential disasters, ensuring banks are better prepared to manage such crises. The revised guidelines, effective immediately, incorporate feedback to improve the governance and operational resilience of financial institutions, reflecting lessons learned from recent experiences. The detailed responses and amendments can be found in Appendices 1 through 9 of the official documents. | |
Insurance | Australia | APRA | Final Guidance for Financial Accountability Regime in Insurance and Superannuation | The Australian Prudential Regulation Authority (APRA) and the Australian Securities and Investments Commission (ASIC) published comprehensive guidance materials to assist insurers and superannuation trustees in preparing for the Financial Accountability Regime (FAR), effective from March 15, 2025. The FAR, already applicable to the banking sector, introduces a robust accountability framework to enhance risk governance among APRA-regulated entities and their senior executives. The new guidance includes amendments to Regulator rules outlining key functions for the FAR register, an updated information paper detailing compliance obligation, an accountability statement guide, and reporting form instructions. These updates follow a public consultation addressing industry feedback. |
Malaysia | BNM | New Licensing and Regulatory Framework for Digital Insurers and Takaful Operators | Bank Negara Malaysia (BNM) issued the “Licensing and Regulatory Framework for Digital Insurers and Takaful Operators,” a comprehensive policy document aimed at fostering innovation and inclusivity in the insurance and takaful sectors. This framework sets out the eligibility criteria, application procedures, and regulatory requirements for digital insurers and takaful operators (DITOs) under the Financial Services Act 2013 and the Islamic Financial Services Act 2013. The policy emphasizes the use of advanced digital technologies to serve unserved and underserved markets, enhancing financial inclusion, competition, and efficiency. It outlines the foundational phase requirements for new entrants, including minimum capital requirements, governance structures, and business continuity plans. This initiative aligns with BNM’s Financial Sector Blueprint 2022-2026, aiming to close protection gaps and promote a dynamic financial sector. | |
Switzerland | FINMA | The Swiss Financial Market Supervisory Authority (FINMA) announced the publication of the revised FINMA Insurance Supervision Ordinance (ISO-FINMA) and several updated circulars for insurance companies. These revisions follow amendments to the Insurance Supervision Act and the Insurance Supervision Ordinance, which came into effect on January 1, 2024. The updated regulations, effective September 1, 2024, provide technical details delegated to FINMA by the Federal Council. Key changes include provisions related to the Swiss Solvency Test (SST), tied assets, and technical provisions. The revisions also address transparency rules for life insurance companies, the supervision of insurance intermediaries, and the roles of responsible and group actuaries. The amendments aim to streamline and clarify regulatory requirements, enhancing the supervision and stability of the Swiss insurance sector. | ||
Investment | European Union | ESMA | Consultation on Revisions to Equity Transparency Requirements under MiFIR | The European Securities and Markets Authority (ESMA) has launched its third consultation package (CP 3) focusing on equity transparency, as well as other key aspects of the Markets in Financial Instruments Regulation (MiFIR). This consultation includes proposed amendments to Regulatory Technical Standards (RTS 1) on equity transparency and introduces new standards for various areas such as the equity consolidated tape provider (CTP) and systematic internalisers (SI). Key highlights include revising the definition of liquid markets for equity instruments, specifying pre-trade and post-trade transparency requirements, and addressing the calibration of quoting sizes for systematic internalisers. Stakeholders are invited to provide their feedback by 15 September 2024 for specific sections and by 15 October 2024 for the remaining parts. The final reports on these proposals are expected by December 2024 and March 2025, respectively. |
European Union | ESMA | Consultation on Draft RTS for Liquidity Management Tools under AIFMD and UCITS Directive | The European Securities and Markets Authority (ESMA) has released a consultation paper on July 8, 2024, seeking feedback on the draft Regulatory Technical Standards (RTS) for Liquidity Management Tools (LMTs) under the Alternative Investment Fund Managers Directive (AIFMD) and the Undertakings for Collective Investment in Transferable Securities (UCITS) Directive. This initiative aims to define the characteristics of various LMTs available to fund managers, including suspension of subscriptions, redemption gates, swing pricing, and anti-dilution levies. The proposed RTS will harmonize the use of LMTs across the EU, ensuring consistent application and enhanced investor protection. Stakeholders are invited to submit their comments by October 8, 2024. The feedback will inform the final RTS, expected to be submitted to the European Commission for endorsement by April 2025. | |
European Union | ESMA | Consultation Paper on Guidelines for Liquidity Management Tools for UCITS and AIFs | The European Securities and Markets Authority (ESMA) released a consultation paper detailing proposed guidelines on Liquidity Management Tools (LMTs) for UCITS and Alternative Investment Funds (AIFs). The guidelines aim to ensure robust liquidity risk management and mitigate financial stability risks. The document specifies that fund managers must select and incorporate at least two appropriate LMTs from a predefined list into their fund rules, except in the case of Money Market Funds which may select only one. These tools include redemption gates, extension of notice periods, swing pricing, and side pockets. The guidelines emphasize the importance of appropriate governance, transparency, and investor protection, and they are set to be finalized by April 16, 2025, following feedback from stakeholders | |
European Union | ESMA | The European Securities and Markets Authority (ESMA) issued a consultation paper on the draft guidelines for periodic information submission by Benchmark Administrators, Credit Rating Agencies, and Market Transparency Infrastructures, which include Trade Repositories, Data Reporting Service Providers, and Securitisation Repositories. These guidelines aim to harmonize and streamline reporting requirements, ensuring consistency across different supervisory mandates. The guidelines cover various aspects, including board documents, internal controls, information technology, and information security. They also introduce standardized reporting templates to facilitate efficient supervision and risk assessment. Stakeholders are invited to submit their feedback by October 18, 2024. The final guidelines are expected to be published in the first quarter of 2025. | ||
European Union | ESMA | Consultation on Supervisory Expectations for the Management Body | The European Securities and Markets Authority (ESMA) has released a consultation paper detailing its supervisory expectations for the management bodies of firms under its supervision, including Credit Rating Agencies, Benchmark Administrators, and Data Reporting Service Providers. This document aims to harmonize governance standards and enhance transparency by providing a clear set of expectations for these entities. It emphasizes the roles and responsibilities of the management body, the operation and role of the chair, and the effectiveness and composition of the management body. ESMA seeks public feedback by October 11, 2024, and plans to finalize these guidelines by Q1 2025, with supervisory expectations becoming applicable three months post-publication. | |
European Union | EBA | Consultation on Draft RTS for CVA Risk in Securities Financing Transactions | The European Banking Authority (EBA) released a consultation paper seeking feedback on draft Regulatory Technical Standards (RTS) for assessing Credit Valuation Adjustment (CVA) risk in securities financing transactions (SFTs). This initiative, mandated under Article 382(6) of Regulation (EU) No 575/2013, proposes a quantitative approach to determine the materiality of CVA risk exposures from fair-valued SFTs. The draft RTS outlines a methodology based on a ratio of CVA risk relative to total CVA risk exposures, assessed quarterly. These measures aim to ensure consistent implementation across institutions and avoid frequent changes in capital requirements. Stakeholders are invited to submit their comments by October 8, 2024, to refine these standards, which are crucial for maintaining financial stability and effective risk management. | |
France | AMF | The Autorité des marchés financiers (AMF) has recently published a comprehensive synthesis of responses to its discussion paper on Decentralized Finance (DeFi), initially released on June 19, 2023. The consultation sought input from various stakeholders on regulatory considerations for DeFi, reflecting on the rapidly evolving landscape of financial activities involving crypto assets. The AMF received 34 responses from a diverse array of participants, including blockchain project leaders, centralized crypto-asset firms, traditional finance entities, and consultancy firms. The feedback highlighted the need for a clear regulatory framework to support orderly ecosystem development while addressing inherent risks. Respondents broadly supported the AMF’s balanced approach in analysing both opportunities and challenges presented by DeFi. This consultation underscores the AMF’s commitment to developing a coordinated regulatory approach, emphasizing the importance of transparency, governance, and risk management in the decentralized finance sector. | ||
Indonesia | OJK | Cybersecurity Guidelines for Financial Technology Innovators | The Otoritas Jasa Keuangan (OJK) launched comprehensive Cybersecurity Guidelines tailored for Financial Technology Innovators (ITSK). Supported by the British Embassy through the UK Government’s cyber capacity-building program, these guidelines emphasize proactive and reactive strategies to ensure cybersecurity is a fundamental component of the ITSK ecosystem. Hasan Fawzi, Head of Supervision for Financial Technology Innovation, Digital Financial Assets, and Crypto Assets at OJK, highlighted the importance of these guidelines during the launch event in Jakarta. The guidelines cover data protection, risk management, incident response, maturity assessment, and training, promoting a collaborative and information-sharing approach. This initiative aligns with Indonesia’s Financial Sector Development and Strengthening Law No. 4 of 2023, mandating robust information system security and resilience. The launch was followed by a Cyber Bootcamp to enhance OJK staff’s cybersecurity skills, ensuring effective identification, prevention, and response to sophisticated cyber threats. | |
Ireland | GOV.IE | The Department of Finance in Ireland has released a consultation paper in July 2024 concerning the Credit Institutions Resolution Fund, managed by the Central Bank. Established under the Central Bank and Credit Institutions (Resolution) Act 2011, the fund aims to provide financial stability for credit institutions, particularly credit unions. Currently, the Resolution Fund is projected to meet its target size of €65 million by 2025. The consultation seeks stakeholder feedback on whether this target should be increased, and if so, what the new target size and timeline should be. The Department has reached out to key stakeholders, including the Central Bank, credit union associations, and a random selection of credit unions, inviting them to submit their views by September 27, 2024. | ||
Ireland | GOV.IE | The Irish Department of Finance has launched a consultation paper to gather feedback on the Credit Union Stabilisation Fund, established under the Credit Union and Co-operation with Overseas Regulators Act 2012. The consultation, running until September 27, 2024, aims to understand why the €20.4 million fund has not been utilized to date and to explore potential changes to its structure and usage. The Stabilisation Fund is designed to provide financial support to credit unions with temporary reserve shortfalls but deemed viable by the Central Bank. Stakeholders, including the Central Bank of Ireland, credit union associations, and selected credit unions, are invited to share their views on amendments needed to enhance the fund’s effectiveness and on the future target size of the fund. The feedback will inform the Department’s recommendations to the Minister for Finance on the future structure and use of the Stabilisation Fund. | ||
Romania | ASF | The Financial Supervisory Authority (ASF) submitted a revised draft law to the Ministry of Finance, aiming to amend and complete Law no. 24/2017 on issuers of financial instruments and market operations. This revised draft, approved by the ASF Council on June 11, 2024, and previously subjected to public consultation and debate, seeks to transpose two European directives into Romanian law and support the National Strategy for Capital Market Development (2023-2026). Key amendments include reducing the minimum term for exercising the right of preference in capital increases from 30 to 14 days, expediting the publication of decisions in the Official Gazette, and clarifying procedures for executing court decisions related to share capital increases. Additionally, the draft law maintains the obligation for quarterly reporting, extending the publication deadline from 45 to 60 days, and introduces provisions to align the quarterly and half-yearly reports with international accounting standards. | ||
United Kingdom | FCA | UK EMIR Reporting Requirements: Finalised Q&As and Consultation on Position Level Reporting | The Financial Conduct Authority (FCA) and the Bank of England have published finalised guidance for counterparties reporting under the revised UK EMIR Article 9 requirements, effective from September 30, 2024. This guidance, available in the form of questions and answers (Q&As), addresses various topics including transitional arrangements, reconciliations, errors and omissions, and margin and collateral. The guidance follows extensive consultations with industry stakeholders, aiming to ensure consistent and accurate derivatives reporting. The authorities are currently seeking feedback on an additional draft Q&A related to position level reporting, with responses due by July 23, 2024. Finalised guidance and validation rules have been published, providing clear direction for counterparties, trade repositories, and service providers. | |
United Kingdom | FCA | On July 11, 2024, the Financial Conduct Authority (FCA) published its final rules for a new, simplified, and competitive UK listing regime, effective from July 29, 2024. This reform aims to attract more companies to list in the UK by eliminating the ‘premium’ and ‘standard’ listing segments in favour of a single category for commercial companies’ equity shares. The changes emphasize disclosure to empower investors, streamline the listing process, and reduce barriers to growth for listed companies. The new rules will impact current and prospective UK-listed companies, investors, and the advisory community, including investment banks, law firms, and accountancy firms. The reforms, the most significant in over three decades, are designed to enhance the UK’s market attractiveness and competitiveness. | ||
United States | SEC | Final Regulations on Gross Proceeds and Basis Reporting for Digital Asset Transactions | The IRS and the Treasury Department have issued final regulations, effective September 9, 2024, regarding the reporting of gross proceeds and basis by brokers for digital asset transactions. These rules mandate that brokers report the gross proceeds and adjusted basis of digital asset sales and exchanges. Additionally, brokers must report transactions where digital assets are used to purchase real estate. The regulations aim to enhance transparency in digital asset transactions and close the tax gap by ensuring proper reporting and compliance. The final rules also address various industry concerns, including definitions and reporting requirements for different types of digital assets such as stablecoins and NFTs. Brokers are provided with alternative reporting methods to alleviate the reporting burden for certain stablecoin transactions. These regulations are a significant step towards formalizing the tax reporting framework for digital assets in the U.S. |
In today’s rapidly evolving financial landscape, staying ahead of regulatory changes is not just a necessity—it’s a competitive advantage. FinregE understands this challenge and offers a cutting-edge solution designed to streamline your compliance efforts. Our comprehensive platform goes beyond mere updates; it provides deep insights and actionable intelligence to help your organization navigate the complex web of global regulations. Contact us today to see how FinregE can revolutionize your approach to regulatory compliance.
