In these days of unprecedented economic pressure and accompanying financial volatility, regulators around the world are realigning their priorities and rapidly shifting their strategies to support institutions through the ongoing crisis. In this regular weekly feature, we keep you up to date on the latest regulatory news, responses and approaches – from deadline delays to relief measures, reporting requirements to business continuity. Check in every week to see what’s changed and which goalposts have been moved.
- The Basel Committee has delayed the implementation of Basel IV by a year following intense lobbying from the financial industry due to the coronavirus chaos, with a new deadline of 1 January, 2023.
- The FCA has confirmed that the LIBOR transition timeline remains in place, and will be phased out by the end of 2021. On 25 March, the regulator acknowledged however that: “Many preparations for transition will be able to continue. There has, however, been an impact on the timing of some aspects of the transition programmes of many firms. Particularly in segments of the UK market that have made less progress in transition and are therefore still more reliant on LIBOR, such as the loan market, it is likely to affect some of the interim transition milestones.” Alongside other international authorities, the Bank of England, FCA and Working Group will continue to monitor and assess the impact on transition timelines, and have promised to update the market as soon as possible.
- ESMA has delayed the reporting requirement for Money Market Fund (MMF) managers from April 2020 to September 2020, due to an update to the XML schemas used for the reporting, according to a statement on 31 March.
- The Netherlands Authority for the Financial Markets (Autoriteit Financiële Markten, AFM) has stated that due to the impact of the coronavirus it will be suspending large data requests to financial undertakings until 1 June, 2020, in order to “give the financial sector room to focus fully on the challenges of this crisis and on the needs of customers.” Exceptions include compliance with the Money Laundering and Terrorist Financing (Prevention) Act and the Market Monitor for Advisers and Mediators (MMAB), it said in a statement on 26 March. However: “Despite the exceptional situation, the AFM expects financial parties to continue to comply with all laws and regulations that apply to them.”
The Financial Conduct Authority (FCA) has said it is working with the Bank of England and the Treasury department to review all firms’ contingency plans. This will extend to assessments of operational risks, the ability of firms to continue to operate effectively and the steps firms are taking to serve and support their customers. However, the bank has taken a relatively hard-line approach to reporting requirements and has reiterated that it will continue to monitor and crack down on any market abuse.
“We expect firms to take all reasonable steps to meet their regulatory obligations. For example, we would expect firms to be able to enter orders and transactions promptly into the relevant systems, use recorded lines when trading and give staff access to the compliance support they need. If firms are able to meet these standards and undertake these activities from backup sites or with staff working from home, we have no objection to this,” said the regulator in a statement on 4 March, 2020.
The FCA, Prudential Regulation Authority (PRA) and the Financial Reporting Council (FRC) released a joint statement on 26 March allowing listed companies an extra two months to publish their annual reports, albeit with a further warning that: “The Market Abuse Regulation (MAR) remains in force and companies are still required to fulfil their obligations concerning inside information as soon as possible unless a valid reason to delay disclosure under the regulation exists.”
On 3 March, the European Central Bank (ECB) issued a letter to significant institutions concerning their contingency preparedness in the context of COVID-19. In the letter, the bank makes it clear that supervised entities are expected to review their business continuity plans and consider what actions can be taken to enhance preparedness to minimise the potential adverse effects of the spread of COVID-19. These include an assessment of how long business continuity measures could be sustained under a global pandemic scenario, an assessment of whether alternative and sufficient back-up sites could be established, urgent testing of whether large scale remote working or other flexible working arrangements for critical staff could be activated and maintained, proactive assessment and testing of the capacity of existing IT infrastructure, also in light of a potential increase of cyber-attacks and potential higher resilience on remote banking services, and the requirement to contact critical service providers to ascertain how services continuity can be ensured.
The European Securities Markets Association (ESMA) has also set out its expectations for regulated firms with respect to business continuity planning, market disclosure and their other regulatory obligations. In a statement on 11 March, the regulator noted that: “All financial market participants, including infrastructures, should be ready to apply their contingency plans, including deployment of business continuity measures, to ensure operational continuity in line with the regulatory obligations.” ESMA also requires that issuers disclose “as soon as possible” any relevant significant information concerning the impacts of COVID-19 on their fundamentals, prospects or financial situation in accordance with their transparency obligations under the Market Abuse Regulation, and requests that firms provide transparency on the actual and potential effects of COVID-19 in their financial reporting.
“In response to the COVID-19 outbreak, ESMA has intensified its coordination with NCAs. To help market participants’ business continuity, we have clarified the requirements regarding the recording of telephone conversations, have provided relief regarding a number of deadlines, including that regarding SFTR, and have coordinated the implementation of short selling measures in a number of member states. We will continue this strong cooperation with NCAs to respond to the current exceptional circumstances,” says Steven Maijoor, Chair of ESMA.
On 20 March, ESMA published a Public Statement to ensure coordinated supervisory actions by national competent authorities on the application of the new tick size regime for systematic internalisers under Regulation (EU) 600/2014 of MiFIR, as part of its attempt to mitigate the impact of the COVID-19 outbreak on European financial markets. The regulator noted the difficulties for SIs to comply with the tick size regime in the current market situation and acknowledged that “in the current environment, market participants’ human and technological resources are stretched and have to focus on ensuring business continuity”. It also highlighted that introducing changes to “critical trading technology infrastructure” in such a situation could potentially “create additional operational risks for certain EU markets participants at a time of heightened volatility in markets.”
On 26 March, ESMA issued a public statement requesting competent authorities and NCAs to relax their supervisory actions around SFTR until at least 13 July 2020, thus effectively delaying implementation of SFTR reporting for three months.
“ESMA understands that the SFT reporting implementation is now heavily impacted by the COVID-19 pandemic. Counterparties, entities responsible for reporting and report submitting entities and TRs face severe resource restrictions in implementing at the same time contingency plans to ensure the continuity of their operations and ongoing projects to meet new regulatory requirements,” said the regulator.
On 27 March, ESMA also relaxed reporting requirements around the Transparency Directive, noting that it was “aware of the difficulties encountered by issuers whose securities are admitted to trading on regulated markets to prepare their financial reports and publish them within the deadline set out in the national law transposing the Transparency Directive1 (TD) and the significant challenges faced by auditors concerning the timely audit of the accounts due to the COVID-19 pandemic and the related actions taken by the Member States to prevent contagion.” In line with similar action taken by the UK’s FCA, the regulator has therefore advised National Competent Authorities to give institutions a two month grace period for annual reports, and a one month grace period for half yearly reports.
However, despite requests from some stakeholders to postpone the requirement to submit transparency calculations for equity instruments (required by MiFIDII/MiFIR to apply from 1 April, 2020), the regulator has decided to keep the submission date unchanged, noting that “adapting to new transparency results for equity instruments is a process that market participants have performed several times in the past and should not require new IT releases.”
The European Banking Authority (EBA) has also issued several measures to support banks’ operational resilience during this time. On 12 March, the EBA announced that the upcoming EU-wide stress test exercise would be postponed to 2021 to allow banks to focus on and ensure the continuity of their core operations. For 2020, the EBA will instead carry out an additional EU-wide transparency exercise in order to provide updated information on banks’ exposures and asset quality to market participants. The EBA also urged national authorities to “make full use of the flexibility embedded in existing regulation” and recommended that they plan supervisory activities, including on-site inspections, in a “pragmatic and flexible way”, and possibly postpone those deemed non-essential. Authorities should also give banks some leeway in the remittance dates for some areas of supervisory reporting, without putting at stake the crucial information needed to monitor closely banks’ financial and prudential situation.
Apart from a ban on short-selling, the French financial regulator (ACPR) has been tight-lipped around further measures, with very little published about its response to COVID-19 from an operational resilience or business continuity perspective. An emergency bill was presented to the French government on 18 March to counter the economic repercussions of the virus, including a guarantee for new loans. Central bank governor Francois Villeroy de Galhau stated in an interview on 3 March that their “coherent and powerful” response comprised three layers: “the quasi-unlimited provision of funding, agile intervention to purchase long-term securities, [and] intelligent flexibilities.” Further information is unavailable.
The German financial regulator, BaFin, has stated that it will take into account the recommendations of the EBA (as above) for its supervisory practice. Its risk guidelines (published in 2017) specifically state that the conclusion of transactions, as part of the trading activities by a credit institution or an investment firm, are only permissible outside of business premises if explicitly allowed by internal rules and with proper documentation of every transaction. However, on 12 March BaFin published a notice confirming that an institution may temporarily deviate from these strict rules for a “home office”-concept in a crisis, as part of a business contingency plan.
“If there is no access to office and commercial space, it is necessary to create an alternative to keep the business going,” said the regulator. “If institutions had previously ruled out these transactions, they would have to explicitly lift the ban and clearly outline the conditions under which, and if so, the period over which the new regulation should apply, and record this in work instructions.”
BaFin also emphasised that it always aimed to formulate its minimum requirements so that they do not stand in the way of technical innovations, noting that also applies in principle to the requirements for decentralized workplaces set up as part of crisis management in the area of ??retail business. It confirmed that all required security measures and controls can therefore be implemented electronically.
On 6 March 2020, the Dutch Central Bank (De Nederlandsche Bank, DNB) issued a press release outlining its approach to business continuity during the crisis, and emphasising the potential major impact of the Coronavirus on the operations of financial institutions. It warned that continuity plans and preparations sufficient to accommodate short isolated events could prove inadequate in the event of an ongoing pandemic, and noted that it expected institutions to recognize this risk, analyse its impact and take additional measures where necessary – highlighting that coronavirus represents a different and more long-term threat than may have been planned for under standard BCP measures. It requested that firms specifically address the following issues in their business continuity measures:
- Proactively monitor developments surrounding the pandemic, preferably through the creation of a multidisciplinary team consisting of representatives from IT, human resources, business and business continuity planning.
- Map and analyse possible consequences.
- Assess existing BCPs for adequacy, taking into account the possible absence of up to 30% of staff. Where necessary, improvements to existing BCPs should be implemented as soon as possible, taking into account both the directly time-critical business processes and the business processes that become critical in the event of (long-term) outages. An evaluation of the IT change calendar should be part of this.
- Explicitly include the pandemic scenario in BCP test strategy.
- Update infrastructure facilities to support a strong increase in internet traffic as staff work from home.
- Ensure that, where external service providers and / or critical suppliers are used, that these have taken adequate measures and are sufficiently prepared for a pandemic (the dependence of all outsourcing partners must be transparent and that measures are adequate). In critical outsourcing relationships (or suppliers), this may mean that outsourcing partners / suppliers for several financial institutions must be able to continue to provide services (anticipating possible concentration risks).
Check back next week for updates on North America and Asia.
Join us June 17-18th at RegTech Summit Virtual to hear from industry regulatory and technology experts all sharing insights about how to navigate the regulatory landscape in such turbulent and challenging times.
Subscribe to our newsletter