The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

IOSCO Publishes Principles on Cross Border Supervisory Cooperation, Including Proactive Data Sharing Requirements

The International Organisation of Securities Commissions (IOSCO) has published a set of Principles Regarding Cross-Border Supervisory Cooperation developed by its Technical Committee’s Task Force on Supervisory Cooperation, which recommends a more proactive approach to data sharing between regulators. The recommendations include the ability for regulators to obtain information from third party jurisdictions at will in order to ensure they are not left with “incomplete information” in a crisis situation or otherwise.

The principles are to bring the largely nationally focused regulatory community into line with a more globalised and interconnected world. Politically protectionist behaviour over data will therefore no longer be tolerated and the principles indicate that these regulators must all now play in the same data sandpit.

“Instead of narrowly focusing on entity-specific oversight, regulators should explore opportunities to further collaborate on identifying, assessing and mitigating emerging risks and seek to address and evaluate them on a global basis,” contends IOSCO. To facilitate such evaluations, it suggests that mechanisms such as cooperation agreements should be established and cross border groups be formed to tackle particularly challenging areas. Memoranda of understanding regarding these data sharing arrangements are likely to be the first order of the day.

The report highlights the current state of play with regards to data sharing practices including the various legal and organisational impediments to sharing information, which it contends should be addressed by the relevant authorities. “Sometimes regulators are hesitant to engage in cooperative supervision arrangements due to the concern that by doing so they would be relinquishing their oversight responsibilities to another regulator. Regulators may also be concerned that they will lose control of the oversight of their domestic market participants. A third concern might be that they lack sufficient resources to adequately provide other regulators with meaningful assistance without undermining their own oversight programs,” suggests IOSCO.

It instead recommends an enhanced oversight approach to the systemically important firms in the cross border space in particular: “In the event of significant cross-border linkages, affiliations, combinations or mergers among regulated entities such as exchanges, intermediaries, credit rating agencies and clearing organisations, authorities should commit to and establish colleges for working together in the oversight of the combined entities,” adds the report.

The focus is on communication with regards to the nature of the data required and the purpose of the investigation of that data, in order to ensure that misunderstandings between regulators do not occur. Obviously, in light of the current focus on data protection and privacy, the report also notes that safeguards for this data sharing process must be of a high level.

The recommendations don’t just stop at data sharing practices, however, they also indicate collaborative risk assessment and analysis should be conducted to ensure the full cross border picture is established. The focus would primarily be on entities regulated in one jurisdiction but located in another jurisdiction; regulated entities that have affiliates or branch offices located in other jurisdictions; and entities regulated in multiple jurisdictions.

But what does this all mean on a practical level for firms and their risk and data managers? Certainly there are likely to be more cross border regulatory groups established to which firms might have to report directly. And, if such improvements to the oversight of large financial institutions really do materialise in the long term, then firms will have to take more care to ensure their various subsidiaries and branches are all reading from the same page with regards to reference and market data.

IOSCO has already drawn up data templates for global hedge fund risk monitoring purposes and set out recommendations for trade data repositories in collaboration with the Committee on Payment and Settlement Systems. One can expect that, in light of this latest report, more of these data templates and recommendations are in the pipeline. “Mechanisms for supervisory cooperation should be designed to provide information both for routine supervisory purposes and during periods of crisis,” states the report.

Related content

WEBINAR

Upcoming Webinar: Brexit: Reviewing the regulatory landscape and the data management response

Date: 11 May 2021 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes With Brexit behind us and the UK establishing its own regulatory regime having failed to reach equivalence with the EU, financial firms face challenges of double reporting, uncertainty about UK regulation, and a potential exodus of top talent. The...

BLOG

How to Tackle the Challenges and Gain the Opportunities of Unstructured Data

Unstructured data is coming into its own as financial institutions deploy machine learning to drive business insights out of the data, and use the data to develop more holistic risk profiles. Use cases such as these demonstrate the huge potential of harnessing unstructured data, but there are also associated challenges that must be addressed. Ahead...

EVENT

RegTech Summit APAC

RegTech Summit APAC will explore the current regulatory environment in Asia Pacific, the impact of COVID on the RegTech industry and the extent to which the pandemic has acted a catalyst for RegTech adoption in financial markets.

GUIDE

GDPR Handbook

The May 25, 2018 compliance deadline of General Data Protection Regulation (GDPR) is approaching fast, requiring financial institutions to understand what personal data they hold, why they process it, and whether it is shared with other organisations. In line with individuals’ rights under the regulation, they must also provide access to individuals’ personal data and...