FIG Top 5 at 5 - 05/12/2024

Central Bank Speeches:

1. Deputy Governor of the Central Bank of Ireland, Sharon Donnery delivers speech on regulatory and supervisory perspectives as regards fintech

On 28 November 2024, Deputy Governor of the Central Bank of Ireland (“Central Bank”), Sharon Donnery, delivered a speech (“Speech”) at the Fintech Ireland Summit 2024.

While acknowledging the broad reach of technology as regards the financial sector, the Deputy Governor focused on regulatory and supervisory perspectives in relation to fintech. Her commentary included what the Central Bank is coming across and how it is dealing with rapid innovation in the financial sector.

Supervising innovation

The Deputy Governor spoke about the Central Bank’s need to remain “technology neutral” when it comes to supervising fintech firms and stated that it approaches the supervision in the same way as all other supervision  - focusing on the Central Bank’s four safeguarding outcomes of safety and soundness, consumer and investor protection, integrity of the system and financial stability.           

In recognising that technology presents benefits and risks to all of the Central Bank’s outcomes, the Deputy Governor highlighted the following:

• the safety and soundness of firms is linked with technology and operational resilience is key;
• there are inherent money laundering risks in some innovative sectors but technology also is providing solutions in this regard; and
• innovation can be both beneficial and detrimental to financial stability.

The Deputy Governor stated that it is not the role of the Central Bank to eliminate risks or put a stop to innovation but, rather, the focus should be on how technology is used and how risks relating to that use are managed.

Reminders to firms experiencing rapid growth

Deputy Governor Donnery then turned her focus to the Central Bank’s supervisory experience of rapid growth and change in parts of the financial system. Specifically, she stated that it remains true that boards and management bodies of regulated firms are responsible for all activities undertaken by the firm. She made the point that, while a focus on growth is to be expected in an innovative and rapidly growing firm, that growth needs to take place alongside growing control frameworks. The Central Bank expects regulated firms to have good governance and risk management capabilities commensurate to the relevant business model. Building on this point the Deputy Governor stressed the importance of global entities operating in Ireland finding a balance between leveraging expertise within the wider group and ensuring local governance is sufficient enough to be able to deliver and take responsibility for the local entity.

Safeguarding

In stating that the Central Bank has no tolerance for weaknesses in safeguarding arrangements, the Deputy Governor made the following points:

• firms must have robust, board approved, safeguarding risk management frameworks in place;
• firms are expected to be proactive in ensuring that the design and operating effectiveness of their safeguarding frameworks is tested on an ongoing basis;
• the Central Bank must be notified immediately of any safeguarding failures / issues;
• where issues are identified, mitigating and corrective measures are to be taken immediately to ensure that customer funds are safeguarded; and
• the cause of any safeguarding issue must be investigated and remediated in a timely manner.  

Central Bank initiatives in response to rapid innovation

The Deputy Governor highlighted the Central Bank’s recent supervisory initiatives responding to the rapidly innovating financial sector. It is worth noting in particular, the Deputy Governor’s comments on the Innovation Sandbox Programme and its research partnership with University of Limerick as follows:

• 38 applications have been received from Ireland, the rest of the EU and the UK to participate in the first iteration of the Innovation Sandbox Programme. The applicants include start – ups, established fintech firms and other existing financial services providers; and
• with specific reference to artificial intelligence (“AI”), Deputy Governor Rowland highlighted the launch this week of a research partnership programme between the Central Bank and Insight Research Ireland Centre for Data Analytics. She noted that this partnership will provide the Central Bank with additional capacity to deepen its understanding of applications of AI and data science to safeguard consumers and the financial system.
  

2. Meeting the climate challenge – remarks by Deputy Governor of the Central Bank of Ireland Sharon Donnery

On 27 November 2024, Deputy Governor of the Central Bank of Ireland (“Central Bank”), Sharon Donnery, delivered a speech at the Global Insurance Summit Europe, an event which was attended by delegates from the United Nations. The Speech centred around the theme of the Central Bank’s role in embracing the climate challenge.

In her speech, she stressed that the Central Bank sees climate impacts across all of its mandate. She noted the implications of climate change on price stability “through its impact on both structural and cyclical dynamics of the economy and the financial system.”  In terms of financial stability, systemic risks from climate change have been acknowledged for several years, including the potential for extreme climate events or a disorderly transition to a low-carbon economy which would have destabilising effects on the financial system.

The Deputy Governor emphasised the Central Bank’s integration of climate risk management and sustainable finance into its supervisory work. Among its key considerations are consumer protection, as well as ensuring financial institutions are accounting sufficiently for risks presented by climate change to their businesses and to their balance sheets. The Deputy Governor cited the establishment of the Climate Change Unit which aims to “strengthen the resilience of the financial system to climate-related risks and its ability to support the transition.”

The Deputy Governor then referenced the recent climate work and research undertaken by the Central Bank in respect of the insurance sector which resulted in the publication of its Climate Change Guidance. This guidance seeks to set a baseline of expectations for insurers and also provides a practical framework for insurers to help address climate risks in their businesses and assist in developing their governance and risk management frameworks. She also highlighted the Central Bank’s research into the nature and scale of the flood protection gap in Ireland. For more information, please see FIG Top 5 at 5 dated 17 October 2024.

Another area of focus for the Central Bank is the impact of nature degradation and biodiversity losses on the banking sector. She cited research carried out by the European Central Bank which identified the dependence of European companies and banks, in some way, on nature. Key findings point  to around “three million individual companies in the euro area being highly dependent on nature in some way, and almost 75% of euro area bank loans extended to such companies.”  If the issue of nature degradation persists, the potential risks to these companies and consequently, bank credit portfolios, will be significant and developing a framework to address these risks is essential.

In her concluding remarks, the Deputy Governor stated that the climate challenge will never be effectively tackled if the United Nations or Central Bank work in isolation. She highlighted the key role that the financial system has to play in facilitating the flow of capital to sustainable activities and addressing climate change risks and acknowledged the importance of multi – stakeholder engagement.  

2. MiCA Updates:

Following on from a number of MiCA developments reported in last week’s FIG Top 5 at 5, this week has seen yet further activity regarding MiCA and the possible treatment of crypto - asset service providers (“CASPs”) from an AML perspective. A high – level consideration of these developments is set out below.

1. ITS and RTS updates

Implementing Technical Standards

1. On 28 November 2024, Commission Implementing Regulation (EU) 2024 / 2902  was published in the Official Journal of the European Union (“OJEU”) having been adopted by the European Commission (“Commission”) on 20 November 2024. For more information on this regulation, please see FIG Top 5 at 5 dated 20 June 2024.

The regulation comes into force on 18 December 2024, being 20 days after publication in the OJEU, and will apply from 1 January 2025.

2. On 3 December 2024, Commission Implementing Regulation (EU) 2024 / 2984 was published in the OJEU having been adopted by the Commission on 29 November 2024. For more information on this regulation, please see FIG Top 5 at 5 dated 11 July 2024.

The regulation comes into force on 23 December 2024, being 20 days after publication in the OJEU, and will apply from 23 December 2025.

Regulatory Technical Standards

1. On 28 November 2024, the Commission adopted Delegated Regulation (C(2024) 8510 final) under MiCA. For more information on the delegated regulation, please see FIG TOP 5 at 5 dated 11 July 2024. 

The Council of the EU (“Council”) and the European Parliament (“Parliament”) will now consider the delegated regulation. If neither the Council nor the Parliament objects, the delegated regulation will be published in the OJEU and will enter into force 20 days after such publication.

2. On 29 November 2024, the Commission adopted Delegated Regulation (C(2024) 6909 final) under MiCA. For more information on the delegated regulation, please see FIG TOP 5 at 5 dated 11 July 2024. 

The Council and the Parliament will now consider the delegated regulation. If neither the Council nor the Parliament objects, the delegated regulation will be published in the OJEU and will enter into force 20 days after such publication.

2. EBA consults on proposed amendments to delegated regulation on CCPs under MLD4 to extend application to CASPS

On 4 December 2024, the European Banking Authority (“EBA”) published a consultation paper (“Consultation Paper”) on proposed amendments to draft regulatory technical standards (“RTS”) in Commission Delegated Regulation (EU) 2018 / 1108 (“Delegated Regulation”).

Background

Payment service providers (“PSPs”), electronic money issuers (“EMI”), and crypto - asset service providers (“CASPs”) that are authorised in an EU Member State can operate establishments in other, host, Member States. Once established, PSPs, EMIs and CASPs have to comply with local AML / CFT obligations. This is the case even if their establishments are not ‘obliged entities’ themselves. Accordingly, host Member States may require PSPs, EMIs or CASPs to appoint a central contact point (“CCP”) in their territory to facilitate AML / CFT supervision.

Draft RTS were issued in 2017 setting out the criteria for determining the circumstances in which the appointment of a CCP is appropriate and the functions of CCPs. However, their scope was limited to PSPs and EMIs.

Consultation

The EBA is seeking feedback on amendments to the Delegated Regulation that would extend their application to CASPs. This reflects amendments made to MLD4 by the Wire and Cryptoasset Transfer Regulation (WCTR) which extended the scope of MLD4 to cover CASPs.

In the Consultation Paper, the EBA stated that it proposes to:

• retain the structure and approach set out in Delegated Regulation, and leave the provisions that apply to PSPs and EMIs unchanged;
• extend existing provisions to CASPs, while introducing new provisions for CASPs where this is necessary in light of their business model and operation;
• include a definition of CASPs;
• extend other provisions in Articles 3 (1), (2), and (4), Article 4, Article 5 point (a) and (c), and Article 6 (1) and (2) to CAPSs; and
• include in Article 3 paragraph (1) point (b), specific criteria for determining the circumstances in which the appointment of a CCP should happen for CASPs. These criteria follow the same logic as that applied to EMIs and PSPs by focusing on the size and scale of the activities carried out by the entity in the host Member State but are adapted to fit the distinct nature of crypto-assets services.

Next Steps

The draft RTS are published for a two - month public consultation. The EBA will finalise the draft RTS once the consultation responses have been assessed. The final report on the draft RTS is expected to be published in Q2, 2025.

3. ESMA and EBA publish official translations of joint guidelines on suitability assessments under MiCA

On 4 December 2024, the European Securities and Markets Authority (“ESMA”) published a new webpage containing the official translations of the joint European Banking Authority (“EBA”) and ESMA guidelines on the assessment of the suitability of the members of the management body of issuers of asset – referenced tokens (“ARTs”) and of crypto – asset service providers (“CASPs”) (“Guidelines”).

The suitability assessment is based on the requirement that members of the management body of issuers of ARTs and CASPs must meet the criteria set out in Articles 34(2) and 68(1) of the markets in crypto – assets regulation (“MiCA”) respectively, which provide that members of the management body shall be of sufficiently good repute and capable of committing sufficient time to effectively perform their duties as well as the assessment of whether members of the management body have the individually and collectively appropriate knowledge, skills and experience to perform their duties.

The Guidelines are as follows:

• joint guidelines on the assessment of the suitability of the members of the management body of issuers of ARTs or CASPs; and
  
• joint guidelines on the assessment of the suitability of the shareholders or members, whether direct or indirect, with qualifying holdings in issuers of ARTs or CASPs.

Next Steps

The Guidelines apply from 4 February 2025. Competent authorities must notify the EBA or ESMA, by 4 February 2025, whether they:

• comply;
• do not comply, but intend to comply; or
• do not comply and do not intend to comply with the Guidelines.

Financial market participants and financial institutions are not required to report whether they comply with the Guidelines.

3. DORA Updates

1. Implementing Regulation on standard template for register of information under DORA published in OJEU

On 2 December 2024, Commission Implementing Regulation (EU) 2024 / 2956 (“Implementing Regulation”) was published in the Official Journal of the European Union (“OJEU”).

The Implementing Regulation sets out implementing technical standards (“ITS”) as regards standard templates for the register of information under Article 28(9) of DORA. For more information on the ITS, please see FIG Top 5 at 5 dated 25 January 2024.

Background

The Commission wrote to the European Supervisory Authorities (“ESAs”)  in September 2024 rejecting the draft ITS on the grounds that financial entities should have the choice of using EU unique identifiers (“EUIDs”) as well as legal entity identifiers (“LEIs”). The Commission proposed a revised version of the ITS. Subsequently, in October 2024, the ESAs published an opinion outlining their concerns about introducing the EUID as an identifier for these purposes. For more information please see FIG Top 5 at 5 dated 24 October 2024.

It should be noted that the Implementing Regulation is based on the draft ITS that the ESAs submitted to the Commission. In respect of the issue regarding the use of LEIs and EUIDs, the Implementing Regulation refers to financial entities using a valid and active LEI or EUID.

Next Steps

The Implementing Regulation enters into force on 22 December 2024, being 20 days after publication in the OJEU.

2. Joint Committee of the ESAs publishes statement on the application of DORA

On 4 December 2024, the Joint Committee of the ESAs issued a statement (“Statement”) calling on financial entities and third - party providers to advance their preparations to ensure their readiness for the 17 January 2025 application date of DORA.

The Statement highlights the fact that DORA does not have a transitional period and so financial entities in scope of DORA will need to adopt a robust, structured approach in order to meet their obligations in a timely manner. In the Statement, the ESAs have set out their expectations of firms, including:

• financial entities are expected to identify and address gaps between their internal setups and the DORA requirements, in a timely manner. In this regard, the ESAs do recognise that efforts to comply with DORA may be higher for some firms which have been subject to less sectoral requirements regarding digital operational resilience;
• financial entities should also prepare for the new reporting obligations, particularly regarding the preparation of their registers of ICT third-party providers’ contractual arrangements. These need to be available for competent authorities in early 2025, bearing in mind that such authorities will be required to report them to the ESAs by 30 April 2025;
• it is important that financial entities are able to classify and report their major ICT - related incidents from the date of application; and
• taking the risk profile, size, scale, and complexity of the activities of the various financial entities into account, competent authorities are prepared to supervise the DORA requirements in a risk  - based manner. 

The ESAs also invite ICT third - party service providers that consider they may meet the criticality criteria published in May 2024 to assess their operational set-up against the DORA requirements. 

Next Steps

The ESAs have stated that the first designation of critical ICT third - party service providers is expected to take place in the second half of 2025.

4. European Commission publishes FAQs on the EU taxonomy for sustainable economic activities

On 29 November 2024, the European Commission (“Commission”) published a set of frequently asked questions (“FAQs”) that aim at providing technical clarifications on the application of the EU taxonomy, particularly regarding:

• the technical screening criteria for new activities included in the Taxonomy Climate and Environmental Delegated Acts;
• the generic ‘do no significant harm’ (“DNSH”) criteria to ensure that economic activities contributing to one of the environmental objectives set out in the Taxonomy Regulation do not cause significant harm to any of the other environmental objectives; and
• the related reporting obligations for activities covered by the Climate Delegated Act and the Environmental Act.

The Commission has stated that the FAQs are part of its efforts to make the EU sustainable finance framework more usable and reduce the administrative burden on companies. Further, the FAQs are intended to assist financial and non - financial undertakings in implementing the relevant legal provisions.

The FAQs consist of nine sections addressing the following areas:

• general questions;
• questions related to the objective of climate change mitigation (annex I to the Taxonomy Climate Delegated Act);
• questions related to the objective of climate change adaptation (annex II to the Taxonomy Climate Delegated Act);
• questions related to the objective of water and marine resources (annex I to the Taxonomy Environmental Delegated Act);
• questions related to the objective of transition to a circular economy (annex II to the Taxonomy Environmental Delegated Act);
• questions related to the objective of pollution prevention and control (annex III to The Taxonomy Environmental Delegated Act);
• questions related to the objective of biodiversity and ecosystems (annex IV to the Taxonomy Environmental Delegated Act);
• questions related to the generic DNSH criteria; and
• questions related to the Taxonomy Disclosures Delegated Act.

Next Steps

Commissioner for Financial Services, Financial Stability and Capital Markets Union, Mairead McGuinness, stated that:

“The EU taxonomy provides investors with a common understanding of the environmental impacts of their investments while guiding companies’ sustainable transition efforts. Our focus now is to improve the usability of the framework and these FAQs will help companies as they apply the taxonomy”.

The FAQs have been approved in principle by the Commission and its formal adoption, in all the official languages of the European Union, will take place as soon as the language versions are available. The Commission has stated that it will update the FAQs, as appropriate.

5. Finance sector issues joint statement calling for reassessment of the RIS in light of Commission’s competitiveness goals

On 28 November 2024, various representative associations of the financial sector, issued a joint statement (“Statement”) calling for a reassessment of the Retail Investment Strategy (“RIS”), by the co – legislators, in light of the European Commission’s (“Commission”) competitiveness goals. The Statement was issued ahead of the EU interinstitutional negotiations between the European Parliament, Council and Commission on the retail investment strategy, which are planned to begin in January 2025.

The signatory associations of the Statement include:

• the European Banking Federation;
• Insurance Europe;
• the Association of Mutual Insurers and Insurance Cooperatives in Europe;
• the European Federation of Insurance Intermediaries; and
• the European Fund and Asset Management Association.

The Statement welcomes the Commission’s focus on boosting competitiveness, the enforcement of existing legislation and the simplification of regulatory frameworks. Indeed, the Statement also references that fact that these goals were mentioned by Commissioner - Designate Maria Luis Albuquerque during her confirmation hearing.

With the forgoing in mind, the Statement advances the need for a “competitiveness check” for the RIS. It is maintained, in the Statement, that in its current form, the RIS will not result in the increase of retail participation in European capital markets. Further, it is argued that the current draft proposals contradict the EU’s commitment to reduce regulatory burden which will hinder the main goal of increasing European competitiveness.

The Statement urges EU policy makers to reconsider the focus of the RIS, paying particular attention to the following:

• simplification for firms and retail investors: the Statement sets out that the current proposed RIS would result in an increase in the reporting burden and record – keeping requirements. It is stated that the RIS should aim to streamline regulations and avoid the imposition of new, disproportionate compliance obligations that only result in obstacles for the market and investors;
• streamlined sales processes for retail investors: the Statement puts forward the argument that the proposed RIS would make the investment process longer and more onerous, taking into account the various tests, conditions and disclosure obligations. The reduction of such barriers is urged in the Statement; and
• reduction of information overload: while recognising the need for transparency, the Statement sets out that the current RIS proposal imposes excessive and overly detailed cost disclosures and warning obligations. It is advanced that this will overwhelm potential investors  and, rather than making investing more attractive, will result in less participation. The Statement maintains that an emphasis on key product benefits, that influence investor decisions, should be a feature of the RIS.