May 2024 Regulatory Roundup

INVESTMENT SERVICES & CAPITAL MARKETS

MIFID and MIFIR

ESMA 2023 report on quality and use of data

On 11 April 2024, ESMA published its fourth report on the quality and use of data.

The report aims to provide transparency on how the data collected under different regulations is used systematically by authorities in the EU, and clarifying the actions taken to ensure data quality. The report provides details on how national competent authorities (NCAs), the ECB, the ESRB and ESMA use the data that is collected through the year from different legislation requirements, including datasets from EMIR, the SFTR, MIFIR, Securitisation Regulation, AIFMD and MMFR.

To understand better how the information was used, ESMA collected detailed input from NCAs, the ECB and ESRB regarding their use of data in the day-to-day operations, covering a range of use cases from market monitoring to supervision, enforcement and policy making.

The report presents the results of the data quality actions undertaken in 2023 across various datasets, compilating specific examples where the implementation of engagement frameworks leads to measurable improvements of data quality, while stressing that, in specific areas, data quality issues tend to persist over time. To increase transparency with external data users, ESMA is also making available in the Annex: (i) the methodology to calculate the data quality indicators concerning EMIR, MIFIR transparency, AIFMD and MMFR; and (ii) codes to automatically download data files from approved publication arrangements websites.

ESMA believes that this additional documentation will further contribute to a mutual understanding between reporting entities, market infrastructures, data users and the regulatory community and a better alignment of priorities. ESMA concludes that while the joint efforts and engagements of the industry, NCAs and ESMA has led to significant improvements of data quality across the board, there remains room for further improvement of data quality, as well as signals of data quality deterioration on certain dimensions, which ESMA will continue monitoring.

EMIR

ESMA shows EU regulators’ supervisory practices regarding EMIR data quality improving

On 11 April 2024, ESMA published its follow-up report to the 2019 peer review into supervisory actions aiming at enhancing the quality of data reported under EMIR.  

The report shows that supervisory practices improved significantly following the findings and recommendations of the 2019 peer review. 

The five National Competent Authorities (NCAs) (CY, DE, FR, IE, NL]) included in this follow-up report took specific measures at national level such as:

• rolling out data quality dashboards; 
• undertaking more granular data quality checks; and 
• increasingly using EMIR data as part of day-to-day supervision.  

The NCAs also carried out extensive supervisory work on EMIR data quality under the Union Strategic Supervisory Priority related to data quality that ran from 2020 to 2023.  

ESMA played an important coordination role developing a framework for the provision of data and follow-up of EMIR data quality issues at EU level.  

Ensuring data quality will remain a key area of focus for all NCAs. They will continue to use the appropriate tools to drive up standards and checking entities’ compliance with their regulatory and reporting requirements. [/vc_column_text][/vc_column][/vc_row][/vc_section][vc_section css=”.vc_custom_1609007282200{margin-bottom: 20px !important;}”][vc_row css=”.vc_custom_1609007241176{padding-right: 15px !important;padding-left: 15px !important;}”][vc_column css=”.vc_custom_1612794217189{margin-bottom: 20px !important;padding-top: 3px !important;padding-right: 20px !important;padding-bottom: 3px !important;padding-left: 20px !important;background-color: #283a66 !important;}”][vc_column_text]

DIGITAL OPERATIONAL RESILIENCE

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]Digital Operational Resilience Act (Dora)

ESAs to run voluntary dry run exercise to prepare industry for the next stage of DORA implementation

On 11 April 2024, the European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) announced that they will launch in May the voluntary exercise for the collection of the registers of information of contractual arrangements on the use of ICT third-party service providers by the financial entities.

Under the Digital Operation Resilience Act (DORA) and starting from 2025, financial entities will have to maintain registers of information regarding their use of ICT third-party providers. In this dry run exercise, this information will be collected from financial entities through their competent authorities and will serve as preparation for the implementation and reporting of registers of information under DORA.

The ESAs and the competent authorities are introducing this voluntary exercise to help financial entities prepare for establishing their register of information,  gathering the relevant information specified in the ESAs’ final draft Implementing Standards on the registers of information and reporting their registers of information to their respective competent authorities, who will, in turn, provide those to the ESAs.

Financial entities participating in the dry run will receive support from the ESAs to: (1) build their register of information in the format as close as possible to the steady-state reporting from 2025, (2) test the reporting process, (3) address data quality issues, and (4) improve internal processes and quality of their registers of information.

As part of the exercise, the ESAs will provide feedback on data quality to financial entities participating, return cleaned files with their register of information, organise workshops and respond to frequently asked questions.

The ad-hoc data collection is expected to be launched in May 2024 with the financial entities expecting to submit their registers of information to the ESAs through their competent authorities between 1 July and 30 August. A dedicated factsheet is also available for more information.

ESAs consult on technical standards for joint examination teams under DORA

On 18 April 2024, the European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) launched a public consultation on the draft Regulatory Technical Standards (RTS) on the conduct of oversight activities in relation to the joint examination teams under the Digital Operational Resilience Act (DORA). 

The primary goal of the draft RTS is to lay out the criteria for determining the composition of the joint examination teams – ensuring a balanced participation of staff members from the ESAs and from the relevant competent authorities – as well as the designation of the members, their tasks, and working arrangements. 

These draft RTS aim at ensuring maximum efficiency and effectiveness regarding the functioning of the joint examination teams, given their central role in the daily oversight of critical ICT third-party service providers (CTPPs). The proposed technical standards take into account the high technical complexity of the oversight activities and the scarce availability of the expertise needed to perform them.  

The ESAs invite stakeholders to submit their comments on the draft RTS by 18 May 2024 using the links available on the consultation page.  

All contributions received will be published following the end of the consultation, unless requested otherwise.  

The DORA and the related RTS will apply from 17 January 2025. [/vc_column_text][/vc_column][/vc_row][/vc_section][vc_section css=”.vc_custom_1609007282200{margin-bottom: 20px !important;}”][vc_row css=”.vc_custom_1609007241176{padding-right: 15px !important;padding-left: 15px !important;}”][vc_column css=”.vc_custom_1612794217189{margin-bottom: 20px !important;padding-top: 3px !important;padding-right: 20px !important;padding-bottom: 3px !important;padding-left: 20px !important;background-color: #283a66 !important;}”][vc_column_text]

FINANCIAL CRIME

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_single_image image=”10028″ img_size=”full”][vc_column_text]Anti-money laundering

European Parliament adopts proposed EU AML/CFT package

On 24 April 2024, the European Parliament announced that it had adopted a first reading position on a broad package of anti-money laundering and countering the financing of terrorism (AML/CFT) rules.

The AML/CFT package consists of:

• the sixth Anti-Money Laundering (AML) Directive (MLD6);
• the EU “single rulebook” regulation (the AML Regulation); and
• the Anti-Money Laundering Authority (AMLA) Regulation (AMLAR).

It aims to remedy the fragmented approach created by Directive implementation in Member States, by centralising supervision and employing Regulations to ensure greater consistency across Member States.

The measures include enhanced due diligence and the formation of a new central EU authority, the AMLA, which will be established in Frankfurt. The AMLA will directly supervise high-risk financial entities, the implementation of targeted financial sanctions and mediate between supervisors.

The laws still need to be formally adopted by the Council of the EU before publication in the Official Journal. The European Commission has published FAQs on the AML/CFT package and FAQs on the AMLA, a factsheet and an article on the new regime.

The texts adopted by the European Parliament reflect the provisional agreements reached with the Council of the EU in December 2023 and January 2024.[/vc_column_text][/vc_column][/vc_row][/vc_section][vc_section css=”.vc_custom_1609007282200{margin-bottom: 20px !important;}”][vc_row css=”.vc_custom_1609007241176{padding-right: 15px !important;padding-left: 15px !important;}”][vc_column css=”.vc_custom_1612794217189{margin-bottom: 20px !important;padding-top: 3px !important;padding-right: 20px !important;padding-bottom: 3px !important;padding-left: 20px !important;background-color: #283a66 !important;}”][vc_column_text]

FUNDS

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_single_image image=”9400″ img_size=”full”][vc_column_text]AIFMD

ESMA agrees with investment restrictions on GBP LDI funds in Ireland and Luxembourg

On 29 April 2024, ESMA issued its advice to the Central Bank of Ireland (CBI) and the Commission de Surveillance du Secteur Financier (CSSF) on investment restrictions for GBP Liability-Driven Investment (LDI) funds to ensure their resilience. 

The advice follows the notification from the CBI and the CCSF of their intention to impose an investment restriction on Alternative Investment Fund Managers (AIFMs) established in Ireland and Luxembourg and managing GBP-denominated AIFs pursuing an LDI funding strategy. These funds are typically set up by defined benefits pension schemes that provide guaranteed returns to future pensioners. 

The measure consists in requiring GBP LDI funds to be able to resist a rise in GBP yields of at least 300 basis points (so called “yield buffer”). 

ESMA’s analysis concludes that the conditions for taking actions under the Alternative Investment Fund Managers Directive (AIFMD) are met and the measures proposed by the CBI and the CSSF are justified and should contribute to improving the resilience EU GBP LDI. ESMA also encourages both regulators to monitor the evolution of the GBP LDI funds and to assess the necessity to recalibrate the yield buffer. 

The measure applied from 29 April 2024. GBP LDI funds established on or after this date must comply with the measure immediately while existing GBP LDI funds have a three-month transitional period to comply. The measure is not limited in duration.  

ESMA also invites other competent authorities of AIFMs managing such funds to adopt similar measures.[/vc_column_text][/vc_column][/vc_row][/vc_section][vc_section css=”.vc_custom_1609007282200{margin-bottom: 20px !important;}”][vc_row css=”.vc_custom_1609007241176{padding-right: 15px !important;padding-left: 15px !important;}”][vc_column css=”.vc_custom_1612794217189{margin-bottom: 20px !important;padding-top: 3px !important;padding-right: 20px !important;padding-bottom: 3px !important;padding-left: 20px !important;background-color: #283a66 !important;}”][vc_column_text]

SUSTAINABLE FINANCE

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]Corporate Sustainability Due Diligence Directive (CSDDD)

European Parliament adopts proposed Corporate Sustainability Due Diligence Directive

On 24 April 2024, the European Parliament adopted the proposed Corporate Sustainability Due Diligence Directive.

The Directive requires firms and their upstream and downstream partners, including supply, production and distribution to prevent, end or mitigate their adverse impact on human rights and the environment.

The rules will apply to:

• EU companies and parent companies with over 1000 employees and a worldwide turnover higher than 450 million euro;
• companies with franchising or licensing agreements in the EU ensuring a common corporate identity with worldwide turnover higher than 80 million euro if at least 22.5 million euro was generated by royalties; and
• non-EU companies, parent companies and companies with franchising or licensing agreements in the EU reaching the same turnover thresholds in the EU.

These firms will have to integrate due diligence into their policies, make related investments, seek contractual assurances from their partners, improve their business plan or provide support to small and medium-sized business partners to ensure they comply with new obligations.

Companies will also have to adopt a transition plan to make their business model compatible with the Paris Agreement global warming limit of 1.5°C.

Member States will be required to provide companies with detailed online information on their due diligence obligations via practical portals containing the Commission’s guidance. They will also create or designate a supervisory authority to investigate and impose penalties on non-complying firms. These will include “naming and shaming” and fines of up to 5% of companies’ net worldwide turnover. Companies will be liable for damages caused by breaching their due diligence obligations and will have to fully compensate their victims.

The Directive needs to be formally endorsed by the Council, after which it will be published in the OJ. It will enter into force 20 days after publication, and Member States will have two years to transpose the new rules into their national laws.  The new rules (except for the communication obligations) will apply on a phased basis from 2027 becoming fully effective from 2029 and apply to EU companies (and non-EU companies reaching the same turnover thresholds in the EU) as follows:

• From 2027 to companies with over 5000 employees and worldwide turnover higher than 1500 million euro;
• From 2028 to firms with over 3000 employees and a 900 million euro worldwide turnover;
• From 2029 to all the remaining companies within the scope of the directive (including those over 1000 employees and worldwide turnover higher than 450 million euro).

ESG ratings

European Parliament adopts proposed Regulation on transparency and integrity of ESG rating activities

On 24 April 2024, the European Parliament adopted the text of the proposed Regulation on the transparency and integrity of ESG rating activities.

The text reflects the provisional agreement reached with the Council of the EU in February. Among other changes, the new rules will require more transparency:

• Break down the ESG rating – separate E, S and G ratings to be provided, rather than a single ESG metric that aggregates the different E, S and G factors. If an ESG rating covers the E factor, information will also need to be provided on whether that rating takes into account the alignment with the Paris Agreement and any other relevant international agreements; and
• Promote the ‘double materiality’ approach – the rating agencies to explicitly disclose whether the delivered rating assesses how the rated entity affects and is affected by E, S and G factors, i.e. whether the delivered rating addresses both material financial risk to the rated entity and the material impact of the rated entity on the E, S and G factors, or whether it takes into account only one of these.

In this way, ESG raters are encouraged to address the material impact of the rated entity on the environment and society (double materiality) more than is currently the case.

They will complement other already existing legislation such as the Sustainable Finance Disclosure Regulation, the Taxonomy Regulation, the Corporate Sustainability Reporting Directive, and the Green Bonds regulation.

The adopted text will now undergo lawyer-linguist revision and, once complete, the European Parliament will need to confirm the final text. This will not take place until after the European Parliament elections in June. The Council of the EU would then be expected formally to adopt the finalised text. After this, the text will be published in the Official Journal and enter into force 20 days after its publication. It will apply 18 months following its entry into force.[/vc_column_text][/vc_column][/vc_row][/vc_section][vc_section css=”.vc_custom_1609007282200{margin-bottom: 20px !important;}”][vc_row css=”.vc_custom_1609007241176{padding-right: 15px !important;padding-left: 15px !important;}”][vc_column css=”.vc_custom_1612794217189{margin-bottom: 20px !important;padding-top: 3px !important;padding-right: 20px !important;padding-bottom: 3px !important;padding-left: 20px !important;background-color: #283a66 !important;}”][vc_column_text]

CySEC DEVELOPMENTS

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_single_image image=”8217″ img_size=”full” alignment=”center”][vc_column_text]Circular C628: Date of authorisation – Clarifications regarding Circular 191 and repeal of Circular 274

On 4 April 2024, CySEC issued Circular C628 to inform Regulated Entities that Circular C274 has been repealed.

Further to Circular C191 (‘C191’), CySEC clarified that the ‘date of authorisation’, mentioned in paragraph 2 of C191, is the date specified in the letter CySEC sends, notifying an entity of the granted authorisation.  

Thus, the obligations for submission of reports or/and other information as well as compliance with the relevant legislation start as of that date.

Circular C629: Requirements of the Portuguese Securities and Exchange Commission (the ‘CMVΜ’) regarding the Financial Intermediaries on Advertising

On 4 April 2024, CySEC issued Circular C629 (‘C629’) to draw the attention of the Cyprus Investment Firms (the ‘CIFs’), to the Circular Note No. 010/2023 – Financial Intermediaries on Advertising, issued by CMVM (the Portuguese Securities and Exchange Commission), regarding advertising by Financial Intermediaries* in Portugal.

The CMVM requests the financial intermediaries registered with the CMVM and financial intermediaries carrying out financial intermediation activities in Portugal through the freedom to provide services, to ensure the following:

1. the advertising they carry out includes their “entity identification”, regardless of the channel used,
2. all the information provided is complete, truthful, current, clear, objective, and lawful and
3. where they refer, in their advertisements, to potential benefits of an investment service or financial instrument, they must also correctly and clearly state the relevant risks of that investment service or financial instrument.

CySEC urges all CIFs that are advertising the provision of financial services and/or financial instruments to investors in Portugal to take, where necessary, appropriate actions and measures to adhere to the CMVM’s Circular.

* CySEC has previously issued Circular C433, which provides clarification on the term ‘financial intermediary’.

Circular C631: Prudential reporting based on the results of the audited financial statements

On 10 April 2024, CySEC issued Circular C631 to remind CIFs of the prudential reporting based on the results of audited financial statements.

According to Article 2(4) of Commission Implementing Regulation (EU) 2021/2284 with regard to supervisory reporting and disclosures of investment firms:

• ‘Investment firms may submit unaudited figures. Where audited figures deviate from submitted unaudited figures, the revised, audited figures shall be submitted without undue delay. For the purposes of this Article, ‘unaudited figures’ shall mean figures that have not received an external auditor’s opinion whereas audited figures are figures audited by an external auditor expressing an audit opinion.’

Therefore, where the CIF’s audited figures deviate from the submitted unaudited figures used in its prudential reporting, the CIF should submit, without undue delay, to CySEC its prudential reporting based on its audited figures.

This submission should be made through the CySEC’s XBRL portal by creating a filling with reference date the last day of the previous financial year (e.g. 31/12/XXXX), both on solo and consolidated basis, and no later than five months from the end of each financial year. In the ‘Comment’ section the CIF should state ‘Based on Audited Figures 3112XXXX’.

Submissions via CySEC’s XBRL portal will be accepted from April 1^st to May 31^st annually.

Circular C633: Notification of errors and omissions regarding EMIR reporting under new reporting rules coming into effect 29 April 2024

On 16 April 2024, CySEC issued Circular C633 to clarify to Cyprus established Entities Responsible for EMIR Reporting (‘the Entities’) the procedure for notifying errors and omissions to CySEC under the updated EMIR-REFIT reporting rules coming into effect on 29 April 2024.

The Entities shall familiarise themselves with the provisions of Article 9 of Regulation EU 2022/1860, regarding when a notification event is triggered as well as the minimum content that the notification must contain.

To this end ESMA has produced a notification template, which can be found on ESMA’s website. When a notification event is triggered the Entities must complete the form and send it with email to EMIR.EON@cysec.gov.cy, with the file name EMIR EO_dd-mm-yyyy_LEI of ERR_ID of the notification.xlsx., which shall also be stated in the email subject line.

Circular C635: EU Council’s Restrictive Measures against Russia due to its military aggression against Ukraine – Article 5r of Council Regulation (EU) No. 833/2014

On 19 April 2024, CySEC issued Circular C635 (‘C635’) regarding the new reporting obligations following the addition of Article 5r of Council Regulation (EU) No. 833/2014.

The European Commission has issued specific FAQs, as of 12 April 2024, for the provisions of relevant Article on the reporting on outgoing transfers, including a relevant Reporting Template to facilitate the reporting process.

The relevant reporting obligations introduced are a continuous obligation with fixed deadlines (refer to question 8 of the FAQs).

The Ministry of Finance has issued a relevant announcement, dated 16 April 2024, regarding the reporting obligations introduced by the relevant Article.

All the Regulated Entities that are affected by the new reporting obligations should submit directly to the Ministry of Finance at sanctions.compliance@mof.gov.cy the relevant reports, within the set timeframes* and according to the set manner.

*The first reporting should have been done on 1 May 2024 and should have covered the period between 1 January 2024 and 31 March 2024.

The obligation to report for credit and financial institutions initiating the funds transfers subject to paragraph 2 of Article 5r kicks in on 1 July, hence the day after the end of the first semester. Therefore, the first report should be submitted by 15 July 2024.

Circular C637: Updated version of the ESMA Guidelines on stress test scenarios under the MMF Regulation

On 22 April 2024, CySEC issued Circular C637 (‘C637’) through which it reminded AIFMs and UCITS Management Companies that ESMA issued on March 6, 2024, an updated version of its Guidelines on stress test scenarios under the MMF Regulation (the ‘Guidelines’).

The Guidelines apply to money market funds and managers of money market funds as defined in the MMF Regulation.

Furthermore, C637 replaces the previously issued on the same topic Circular C561.

Circular 639: Voluntary Dry Run Exercise to prepare industry for the next stage of Digital Operational Resilience Act (DORA) implementation

On 24 April 2024, CySEC issued Circular C639 to notify Regulated Entities of the upcoming voluntary exercise initiated by the European Supervisory Authorities (EBA, EIOPA, ESMA) for the collection of the registers of information of contractual arrangements on the use of ICT third-party providers by the Financial Entities, as defined in Article 2(1) and (2) of the Digital Operation Resilience Act (‘DORA’).

Under DORA and starting as of 2025, Financial Entities will be required to maintain registers of information regarding their use of ICT third-party providers. In this dry run exercise, this information will be collected from Financial Entities through their competent authorities and will serve as preparation for the implementation and reporting of registers of information under DORA.

The ad-hoc data collection is expected to be launched in May 2024 with the financial entities expecting to submit their registers of information to the ESAs through their competent authorities between 1 July and 30 August.

Circular C640: European Banking Authority’s Guidelines amending Guidelines EBA/2021/02 – Guidance to crypto-asset service providers to effectively manage their exposure to ML/TF risks

On 26 April 2024, CySEC issued Circular C640 (‘C640’) to inform its Regulated Entities that on the 16^th of January 2024, the European Banking Authority (the EBA) extended its Guidelines on money laundering (ML) and terrorist financing (TF) risk factors to crypto-asset service providers (CASPs).

Via C640, CySEC highlights that given the interdependence of the financial sector, the new Guidelines  also include guidance addressed to other credit and financial institutions that have CASPs as their customers or which are exposed to crypto assets. This risk is increased where credit and financial institutions engage in business relationships with providers of crypto-asset services which are not authorised under Regulation (EU) 2023/1114.

The amending Guidelines will apply from 30^th December 2024.[/vc_column_text][/vc_column][/vc_row][/vc_section]