In the dynamic regulatory landscape, staying informed on compliance requirements is essential for businesses worldwide. This week’s roundup captures significant updates across various financial sectors, impacting digital assets, ESG reporting, risk management, and long-term investment frameworks. These changes from leading jurisdictions underscore the importance of maintaining robust compliance practices and proactive risk management strategies. Whether you operate in banking, investment, or fintech, these regulatory insights are crucial to navigating today’s complex regulatory environment.
Business Line | Country | Regulator | Regulatory Update | Summary |
All | Chile | CMF | The Financial Market Commission (CMF) of Chile has opened a public consultation on a proposed regulatory framework aimed at enhancing information transparency for fintech entities registered under the Fintech Law. This proposal, open for feedback until November 15, 2024, introduces the “Fintech Information System Manual,” which mandates the reporting standards, frequency, and channels for supervised entities to submit data. These entities, including crowdfunding platforms, alternative trading systems, credit and investment advisors, custodians, order routing services, and financial intermediaries, will be required to periodically report 16 specific data files covering aspects like business volume, capital requirements, operational risks, crypto-related risk exposure, and cybersecurity. In line with modularity and proportionality principles, reporting requirements will vary according to each entity’s business scale and risk profile. Public comments on the draft regulation can be submitted via CMF’s website. | |
European Union | European Union | The European Union has advanced its commitment to sustainable finance by adopting a regulation to standardize Environmental, Social, and Governance (ESG) rating activities, following the European Parliament’s endorsement. This legislation aims to ensure the integrity, transparency, and comparability of ESG ratings across member states. Key aspects of the regulation include establishing consistent reporting methodologies, mandating clear disclosures on ESG rating frameworks, and enhancing oversight by the European Securities and Markets Authority (ESMA). The regulation also seeks to prevent conflicts of interest, particularly among ESG rating providers, through robust governance requirements. This step aligns with the EU’s sustainable finance goals and reinforces investor protection by curbing greenwashing and increasing transparency within the ESG rating industry. | ||
European Union | European Union | The European Commission has submitted draft Regulatory Technical Standards (RTS) to the President of the ECOFIN Council to guide the application of the Markets in Crypto-Assets Regulation (MiCA). This regulation aims to enhance transparency, standardization, and consumer protection within the EU crypto-asset market by establishing clear operational standards for crypto-asset service providers and issuers. These RTS drafts cover specific provisions on disclosure requirements, governance frameworks, and prudential measures to be adhered to across the EU, with further adjustments to ensure consistency with existing financial regulations (Regulations 1093/2010, 1095/2010, and Directives 2013/36/EU, 2019/1937). | ||
European Union | European Commission | Enhanced Oversight Standards for Critical ICT Service Providers under DORA | The European Commission has adopted a Delegated Regulation supplementing the Digital Operational Resilience Act (DORA), setting new standards for the oversight of critical Information and Communication Technology (ICT) service providers in the EU financial sector. This regulation outlines specific information that ICT providers must submit to the European Supervisory Authorities (ESAs) to be designated as “critical.” It also details compliance and risk assessment protocols for critical ICT providers, including requirements on service continuity, subcontracting transparency, and data security measures. Competent authorities are mandated to assess how financial entities are exposed to risks identified by the Lead Overseer, with a coordinated approach ensuring robust operational resilience across Member States. This move is part of the EU’s commitment to enhance digital resilience and stability within the financial sector. | |
European Union | European Commission | Standards for Reporting Major ICT Incidents in Financial Sector | The European Commission has issued a new Implementing Regulation under the Digital Operational Resilience Act (DORA), establishing standardized procedures for reporting major ICT-related incidents and notifying significant cyber threats. Effective across the EU, this regulation mandates financial entities to use predefined templates for initial, intermediate, and final reports, ensuring consistent and accurate data submission. The framework allows aggregated reporting for incidents impacting multiple entities within a Member State, streamlining reporting for events with broad effects. Additionally, financial institutions that outsource reporting obligations must notify their supervisory authority of the third-party arrangements. This regulation strengthens the EU’s approach to operational resilience in financial services. | |
Global | TNFD | The Taskforce on Nature-related Financial Disclosures (TNFD) has released a draft roadmap aimed at improving market access to high-quality, nature-related data, as presented at COP16 in Cali, Colombia. This roadmap seeks to address the growing demand from businesses and financial institutions for reliable, timely nature-related data to meet new reporting, target setting, and sustainability goals. Building on previous TNFD work, including a 2022 data assessment and a 2023 scoping study, the roadmap outlines three core priorities for pilot testing in 2025. These priorities include developing a composite set of data principles, conducting evaluations to identify data coverage gaps, and testing a beta Nature Data Public Facility (NDPF) to facilitate data access. With a public consultation period open until January 2025, TNFD invites input from global stakeholders to refine this roadmap and support industry alignment with nature-positive goals. | ||
Luxembourg | CSSF | Guidelines on Fund Names Using ESG or Sustainability-Related Terms | The Luxembourg financial regulator CSSF has issued Circular 24/863, which aligns with the European Securities and Market Authority (ESMA) guidelines on the naming of funds that incorporate ESG or sustainability-related terms. Effective from 21 November 2024, this regulation targets UCITS management companies, alternative investment fund managers, and money market fund managers, requiring them to ensure that fund names using ESG or sustainability terms are not misleading. Specifically, funds must meet an 80% investment threshold toward sustainable objectives to qualify for ESG-related terminology and exclude certain non-compliant companies from their portfolios. Existing funds are given a six-month transition period until 21 May 2025 to comply. This directive aims to enhance transparency and prevent greenwashing, ensuring that fund names accurately reflect their environmental, social, and governance commitments. | |
Banking | European Union | EBA | The European Banking Authority (EBA) has published a draft technical package for version 4.0 of its reporting framework. This early release aims to prepare banks for compliance with new reporting obligations beginning in the first half of 2025. Key changes include the transition to the Data Point Model (DPM) 2.0 and a new semantic glossary, marking a significant shift in data reporting methodology. This draft includes specifications for validation rules, DPM, and XBRL taxonomies to support asset-referenced tokens (ARTs), electronic money tokens (EMTs), and updates to COREP templates in line with the EU Banking Package (CRR3/CRDVI). The final version, which will incorporate recent recommendations from the three European Supervisory Authorities (ESAs), is expected in December 2024. Additionally, an updated DPM Query Tool and Q&A document have been provided to assist institutions in understanding the upcoming changes. | |
Finland | FSA | The Finnish Financial Supervisory Authority (FIN-FSA) released updated regulations and guidelines for risk management in mortgage bank operations on 18 October 2024, effective 1 January 2025. These regulations aim to enhance the resilience of mortgage banks by setting requirements for overcollateralization, liquidity, and bond register maintenance. The guidelines address aspects like business plan adoption, cover pool valuation, and monitoring overcollateralization, ensuring that mortgage banks maintain sufficient collateral and meet liquidity needs over a 180-day period. This regulatory framework is designed to protect covered bondholders and bolster the stability of the Finnish banking sector, with mandatory compliance for mortgage and deposit banks authorized to operate in mortgage credit. | ||
Hong Kong | HKMA | The Hong Kong Monetary Authority (HKMA) released an updated version of its Supervisory Policy Manual (SPM) module TM-E-1, focusing on risk management for e-banking. This revised module, effective immediately, reflects HKMA’s ongoing commitment to enhancing supervisory guidance for authorized institutions (AIs) offering e-banking and payment card services. Key updates include an expanded scope to cover payment card transaction controls, consolidated security measures from various HKMA supervisory documents, and the introduction of principle-based guidance to bolster AIs’ risk management strategies. This comprehensive update seeks to equip AIs with a cohesive framework for managing emerging risks in e-banking and payment card operations in Hong Kong. | ||
Hong Kong | HKMA | The Hong Kong Monetary Authority (HKMA) has issued revised guidelines for authorizing digital banks, effective immediately. These guidelines, issued under Section 16(10) of the Banking Ordinance, update criteria for digital banks, which primarily operate through online channels, focusing on promoting innovation and financial inclusion. Key requirements include a credible business plan, robust risk management for credit, liquidity, and technology-related risks, and fair customer treatment without minimum balance requirements. Digital banks must maintain a local presence, ensure customer data protection, and prepare an exit plan to address potential operational challenges. The guidelines also outline HKMA’s expectations on outsourcing, emphasizing adequate security and compliance with privacy laws, and require digital banks to maintain sufficient capital relative to their risk exposure. This update reinforces HKMA’s commitment to supporting technological advancements while ensuring stability and consumer protection in Hong Kong’s banking sector. | ||
Jersey | GOV.JE | Jersey’s States Assembly unanimously approved legislation for the OECD’s Pillar 2 minimum tax framework, set to take effect for accounting periods beginning on or after 1 January 2025. The new Multinational Corporate Income Tax (MCIT) mandates a 15% effective tax rate for in-scope multinational companies on their Jersey profits. Additionally, a top-up tax will apply to low-taxed foreign profits under the OECD’s Income Inclusion Rule (IIR), although Jersey will not implement the Undertaxed Profits Rule (UTPR). Over 95% of Jersey-based companies will not be affected by this change, as they fall outside the Pillar 2 scope. To support compliance and tax incentives, Jersey’s government is also working with industry stakeholders to develop a Qualifying Refundable Tax Credit (QRTC) regime. This development aligns Jersey with international tax standards and ensures an internationally competitive environment for businesses operating within its jurisdiction. | ||
Singapore | MAS | The Monetary Authority of Singapore (MAS) has implemented E-Payments User Protection Guidelines, effective since 5 September 2020, aimed at enhancing security and clarifying liability for e-payments. These guidelines define the responsibilities of both financial institutions (FIs) and account holders to mitigate risks from unauthorized and erroneous transactions. Financial institutions must promptly notify users of outgoing transactions and provide secure channels for reporting unauthorized activities, with an expected resolution within 21 to 45 business days. Account holders, in turn, are required to secure access credentials, monitor account activity, and report any unauthorized transactions swiftly. The guidelines also establish liability limits for account holders, particularly in cases of unauthorized transactions not arising from user negligence. This framework provides a standardized approach to e-payment security, aiming to safeguard users and enhance confidence in digital payments across Singapore. | ||
Insurance | Romania | ASF Romania | Romania’s Financial Supervisory Authority (ASF) has approved amendments to its existing insurance and reinsurance regulations, specifically updating ASF Norm 25/2022 and adding provisions to Norm 26/2021. Key updates include new requirements for insurers to notify ASF prior to outsourcing key functions or critical tasks, particularly when significant changes may affect their obligations to clients. Insurers are also required to complete a detailed notification form (Annex 11) in cases of major outsourcing. Additionally, ASF may recommend amendments to outsourcing contracts or mandate provider changes if necessary. These regulatory adjustments enhance oversight of outsourcing practices within Romania’s insurance and reinsurance sectors, ensuring continuity and compliance with EU standards for operational resilience and transparency. | |
Investment | Australia | ASIC | Australia Updates OTC Derivative Transaction Reporting Rules | As of 21 October 2024, the Australian Securities and Investments Commission (ASIC) has implemented the new Derivative Transaction Rules (Reporting) 2024, replacing the 2022 rules. The revised rules aim to better align with international standards, consolidate transitional provisions, and improve the relevance of reporting requirements. Developed through multiple rounds of industry consultation, the 2024 rules focus on enhancing the quality and consistency of OTC derivative transaction data, making it more suitable for regulatory use. ASIC has also published compliance guidance and, recognizing the scale of adjustments, will apply a lenient compliance approach until March 2025 for entities showing reasonable efforts to meet the new requirements. This update reflects ASIC’s ongoing commitment to regulatory efficiency and enhanced data useability for monitoring market activities. |
European Union | ESMA | Updated MiFID II Product Governance Guidelines Compliance Table | The European Securities and Markets Authority (ESMA) has updated the compliance status of EU and EEA authorities with the revised 2023 MiFID II product governance guidelines. This compliance table shows that all Member States, including non-EU EEA states like Iceland, Liechtenstein, and Norway, intend to comply with these guidelines. The MiFID II product governance framework outlines regulatory expectations on the design, distribution, and ongoing assessment of financial products to ensure they meet target market needs. Each authority’s compliance indicates strengthened product governance practices across the EU, with efforts to standardize consumer protection and product suitability in line with ESMA’s guidelines. | |
European Union | ESMA | ESMA has released an updated compliance table outlining adherence to the revised 2023 MiFID II suitability guidelines. All EU and EEA authorities, including Iceland, Liechtenstein, and Norway, are reported as compliant or intending to comply. These guidelines set enhanced standards for assessing client suitability in financial products, focusing on accurately matching investment offerings to individual client profiles. The widespread compliance reflects ESMA’s commitment to harmonizing investor protection across the region and ensuring that suitability assessments align with updated regulatory expectations for investor needs and product appropriateness. | ||
European Union | European Union | New EU Regulations for Long-Term Investment Funds on Derivatives, Redemption, and Cost Transparency | The European Commission adopted Delegated Regulation (EU) 2024/2759 on 19 July 2024, setting forth new technical standards for European Long-Term Investment Funds (ELTIFs). These rules define conditions for ELTIFs to use derivatives strictly for hedging other investments, establish requirements for redemption policies and liquidity management, and outline procedures for the matching of transfer requests. Additionally, the regulation specifies criteria for asset disposal and details mandatory cost disclosures to enhance transparency for investors. ELTIF managers must now adhere to stringent guidelines for aligning redemption policies with asset liquidity and demonstrate how derivatives used reduce investment risks. The regulation will apply across the EU, supporting investor protection and stability within the long-term investment market. | |
European Union | European Union | The European Parliament and Council has adopted a new directive amending Directive 2014/65/EU, commonly known as MiFID II, with a goal to enhance the appeal of public capital markets for companies, especially small and medium-sized enterprises (SMEs). This update introduces several measures aimed at improving SME market visibility, easing listing requirements, and increasing research coverage. Key changes include relaxing “research unbundling” rules, allowing bundled payments for research and execution services to increase research availability for smaller firms. It also repeals the 2001/34/EC directive to streamline listing rules and implements a minimum free float threshold of 10% to improve market liquidity. The directive supports SME growth markets, enabling distinct segments for SME securities within multilateral trading facilities, and aims to reduce fragmentation by aligning trading venue requirements. Member States must implement these changes within 18 months, with the directive set to bolster European SMEs’ access to investment and stimulate market competition. | ||
European Union | AFME | MiFIR/MiFID II Implementation Guide for Wholesale Secondary Markets | The Association for Financial Markets in Europe (AFME) released an implementation guide for MiFIR/MiFID II reforms, aimed at assisting firms operating in wholesale secondary markets across the EU and UK. The guide, developed in collaboration with Linklaters, provides insights into regulatory changes, including updates on market structure, transparency, consolidated tape providers, investment research, and order execution requirements. Notably, the reforms encompass changes in market data pricing, equity and bond transparency requirements, and investment research payment structures. This guide helps firms navigate new frameworks, manage transitional provisions, and anticipate future regulatory obligations as both EU and UK regulators pursue alignment and market stability. | |
United States | SEC | Enhanced Resilience and Recovery Plans for Clearing Agencies | The U.S. Securities and Exchange Commission (SEC) has proposed amendments to strengthen resilience, recovery, and wind-down plans for covered clearing agencies, aiming to ensure robust risk management and orderly operations during potential disruptions. These amendments, issued under the Exchange Act, would mandate more rigorous standards for managing intraday margin, requiring agencies to monitor exposures continuously and impose timely margin calls. Furthermore, a new rule would outline specific content requirements for recovery and wind-down plans, including criteria for activation, identified scenarios of potential risk, and the development of comprehensive recovery strategies. This initiative underscores the SEC’s commitment to enhancing financial stability by ensuring that clearing agencies have detailed, actionable plans to manage systemic risks effectively. |
Whether you’re adapting to new digital asset standards, enhancing ESG reporting, or managing capital requirements, FinregE’s AI-driven platform keeps you compliant and resilient. Book a demo to discover how FinregE simplifies compliance processes, helping you stay ahead in an ever-evolving regulatory landscape.