EU Regulatory Priorities and the Data Management Response Going into 2023

Regulation and data go hand in hand, but where will the hotspots be in 2023? To find out about imminent EU regulatory priorities with a significant impact on data management we talked to Dr David Doyle, an EU financial services regulatory expert, and frequent speaker at A-Team Group conferences.

EMIR Refit reporting standards

On 7 October 2022, the European Parliament and Council approved the EMIR REFIT technical standards, which designate the requirement for the Unique Product Identifier (UPI) for trades in derivatives, as an integral part of EU law. The EU is the first regional jurisdiction among the G20 to enforce use of the UPI alongside the existing Legal Entity Identifier (LEI ). The implementation timeframe is set for 29 April 2024.

The technical standards, set out in EC Delegated and Implementing Regulations, also pursue further alignment of data standards, formats, methods, and arrangements for reporting, accompanied by further harmonisation of the procedures to be applied by trade repositories for the validation of data reported, in terms of completeness and correctness, and the procedures for the reconciliation of data with other trade repositories. Trade repositories must also provide access to all data reported on behalf of non-reporting counterparties on reasonable commercial terms upon request.

The ultimate push for harmonisation comes with ESMA’s ITS Article 6, which calls for all derivatives admitted to trading, or traded on a trading venue, or by a systematic internaliser (SI) to use an International Securities Identification Number (ISIN) code. The remaining derivatives should be identified using a UPI code.

Sustainability risks disclosure regime 

The Corporate Sustainability Reporting Directive (CSRD), to be implemented in 2024 (reports published in 2025) by listed companies with over 500 employees and disclosing sustainability information across the entity’s financial value chain, will require significant data gathering and management, as well as time for the industry to report consistently in the correct format and in line with the EU sustainability taxonomy.

Among the directive’s tracking and reporting requirements are data and commentary covering:

• Environmental policies
• Social policies and the treatment of employees
• Respect for human rights
• Anti-corruption and anti-bribery policies
• Diversity on company boards
• Goals and progress for sustainability and ESG performance
• Impacts on the environment and society caused by company operations
• Risks to the company regarding sustainability
• Effects on company operations and performance caused by environmental and social risks
• Materiality process used for choosing areas of focus.

In addition, the EU Sustainable Finance Disclosure Regulation (SFDR) will require all financial actors to manage the sustainability risks of their own activities and measure how they impact the environment and society, essentially a double materiality approach.

Data challenges here include sourcing and managing large volumes of non-financial data from multiple sources and vendors, none of which are expected to provide all necessary information, and therefore call on firms to use two, or even more data vendors. This data must be integrated along with internal data to comply with SFDR requirements. More data sources may require extra data management capacity, and most SFDR obligations require information to be disclosed in multiple languages.

Revisions to MiFID, UCITS, AIFMD

Key amendments being negotiated, some of which will include substantial changes to data management, are: common rules on AIFM and UCITS liquidity management tools; common rules for AIFMs managing loan originating; creation of a Consolidated Tape as a centralised database of market date on price and volume of securities traded across EU trading platforms; and the reduction of the double volume cap (DVC) for dark trading from 8% to 7%.

The new measures also remove the venue specific 4% DVC, aligning derivatives trading and derivatives clearing obligations for smaller entities, and resulting in suspension of central clearing and trade reporting, and abolishing the ‘Open Access’ rule, allowing buyers and sellers of derivatives listed on exchanges across the EU to choose where they clear their contracts.

Doyle comments, “somewhat reassuringly, third-country investment firms use of the delegation model by AIFMs and UCITS managers vis-à-vis third countries for risk and portfolio management tasks, will continue to be permitted”. However, third-country investment firms will be subject to more prescriptive disclosures to national competent authorities. These include:

• List and description of delegated functions/activities
• Information about delegates and AIFM/UCITM due diligence over delegates, performance, sub-delegation
• Amount and percentage of assets delegated on portfolio management.

Management companies are also required to hire a minimum of two persons on a full-time basis and be resident in the EU.

Markets in Crypto-Assets Regulation, or MICA

While the crypto-asset sector has been rocked by a number of high-profile failures, the EU is forging ahead with the most comprehensive global legislative package designed to replace national bespoke regimes with an all-embracing Markets in Crypto-Assets Regulation (MICA) covering crypto issuers, providers, exchanges, trading platforms, custodian wallet providers, brokers etc.

Doyle says: “The EU is pretty much setting the benchmark for the rest of the world in terms of regulating the crypto-asset space, including third-country Crypto Assets Services Providers (CASPs), that need to have an EU physical presence and can then passport across the 27EU”.

To be clear, CASPs wishing to obtain authorisation in the EU under MICA must have a registered office, or physical place of effective management, in the EU, and have at least one director based in the EU zone. A range of other conditions for authorisation also apply, including capital requirements, governance arrangements, etc. Once authorised in its home EU member state, the CASP can then passport its services throughout the EU, via a physical branch or on a cross-border basis, without the need to secure separate authorisations in other EU member states.

With the new MICA rules, CASPs will have to comply with robust requirements to protect consumers wallets and become liable should investors’ crypto-assets be lost. MiCA will also cover any type of market abuse related to any type of transaction or service, and comes with specific AML provisions.

What’s lacking and will be a challenge for data management practitioners, says David, is a holistic and harmonised approach to regulating crypto-assets on a transnational scale, which is grounded in the principle of “same activity, same risk, same regulation”. “To reiterate the recent FSB orthodoxy on the subject, where crypto-assets and intermediaries perform an equivalent economic function to one performed by instruments and intermediaries of the traditional financial sector, they should be subject to equivalent regulation,” he concludes.

For more details about a new series of regulatory update events soon to be launched by A-Team Group entitled Insider’s View from Brussels – a deep dive into Financial Tech Regulations, delivered by David Doyle, please complete the form below to obtain registration conditions.

A leading EU financial services regulatory expert based between Brussels and Paris, David Doyle, will provide quarterly deep-dive updates into the latest Fintech and related financial services legislative developments covering EMIR, MiFIR, AIFMD, the EU Digital Strategy, the new EU AML framework, the sustainability disclosure regime, the revised Capital Requirements Directive/regulation, amongst other topics.

The events will offer an insider’s view of positions, negotiations, and perspectives from the European Commission, EU Parliament, Council and the ECB.