AuthorPeter Oakes is an experienced anti-financial crime, fintech and board director professional. Archives
April 2024
Categories
All
|
Back to Blog
The Independent Review of the Fitness and Probity Regime by Mr Andrea Enria, the former Chair of ECB Supervisory Board has been published by the Central Bank of Ireland. Speaking for the Central Bank of Ireland, its Governor (Gabriel Makhlouf) has confirmed that all of the recommendations in the review are accepted by the regulator. One of the immediate actions arising from the recommendations is the creation of a new unit to bring together F&P activities that are currently dispersed across the Central Bank. Those who called for an external decision making process should note the following view of Andrea Enria: "To externalise the decision making process would therefore likely not serve the objective of ensuring decisions are made in a more timely manner. This suggests that an appropriate balance is found, including elements of independent challenge within the structures of the Central Bank" at page 50. Copy of the Review here Extract of the Recommendations here Summary of the 12 RecommendationsA summary of the 12 Recommendations appearing at Appendix 1, page 79 onwards, are as follows:
Recommendation 1 – Fostering industry role in gatekeeping - guidance should clearly outline the key, proportionate expectations of the Central Bank as regards the process that a regulated entity engages in prior to submitting an application for a PCF approval a) due diligence/screening b) background checks c) documentation and record keeping d) on-going monitoring Recommendation 2 – Clear fitness and probity standards - recommendations made in following areas to further enhance the effectiveness of the fitness and probity standards and guidance issued by the Central Bank a) accessibility of the F&P standards b) enhance the F&P Standards c) regularly review and update standards: establish a process for regularly reviewing and updating F&P standards d) holistic consideration of complementary powers Recommendation 3 - Governance a) establishment of an F&P gatekeeping unit with responsibility for the entire gatekeeping process b) enhanced implementation of a risk-based approach for F&P gatekeeping, with a reconsideration of the overall number of PCF roles and a possible adjustment in the approach to different sectors including to the funds sector, which is the largest contributor in terms of applications Recommendation 4 – Decision making a) legal advice on any PCF Gatekeeper applications should only be provided by the in-house Legal Division. b) Minded to Refuse Letters to include a draft decision including and address all relevant concerns, relevant law and issues along with written responses to any arguments raised by the applicant c) a significant decisions committee would be established within the Central Bank d) the Chair of the committee should have authority to decide upon composition based on the features of the underlying case e) legal advice at the decision making stage should only be provided by the General Counsel to the Central Bank Recommendation 5 – Communication and IT platform a) the Central Bank should organise an annual information session open to both firms and potential candidates b) ad hoc workshops should be organised to obtain feedback from firms on the functioning of the Online Portal for applications and other possible improvements Recommendation 6 – Interview stage a) interview notification b) duration of the interview c) setting of interviews and comments on minutes (further, the setting for the interviews should remain conversational, rather than adversarial) d) the Central Bank should adopt as a principle that it will provide feedback in all cases where an interview has been conducted Recommendation 7 – Efficiency of interview process - two recommendations (a) recommended that “meet and greet” type interviews should not form part of the F&P gatekeeping process; and (b) the Central Bank should aim to conduct a single comprehensive interview to reduces potential for unnecessary duplication, such as conducting an initial assessment interview followed by a specific interview, particularly when a specific issue is known in advance Recommendation 8 – Withdrawals/feedback - Central Bank should adopt as a principle that it will always provide feedback to both the regulated entity and the individual after an interview. It is further recommended that such feedback be provided also in cases where a withdrawal occurs Recommendation 9 – Management information a) clear and comprehensive service standards - to promote transparency and avoid confusion, service standards should be clear, comprehensive and cover all relevant aspects of the process b) time limits - the Central Bank should commit to a set timeframe within which it will have processed to conclusion all F&P applications c) reporting - the Central Bank should enhance transparency by publishing standardised information, with appropriate breakdowns, on at least an annual basis d) reporting - Data Points e) reporting - Qualitative points: In providing the above information the Central Bank should have regard to the following qualitative points Recommendation 10 – Quality assurance - a robust quality assurance mechanisms should be set in place. This work should be conducted by staff of the Central Bank with the oversight of an externally appointed risk advisor to the Central Bank Recommendation 11 – Complaints procedure - complaints process should be established specifically for the F&P gatekeeping process Recommendation 12 - Training - develop a comprehensive training programme for the F&P gatekeeping process; the process to be adopted including any risk framework overlay, conduct of interviews and provision of feedback
0 Comments
Read More
Back to Blog
Central Bank of Ireland lays out its expectations of firms seeking crypto licensing in Ireland29/5/2024 If you are looking to get authorised under Markets in Crypto Asset Regulation (MiCAR) in Ireland, the Central Bank of Ireland has confirmed (or perhaps reconfirmed in some people's minds) that regulator intends to open its MiCAR authorisation gateway in early QUARTER 3 2024. While VASPs operating under the VASP regime prior to 30 December 2024, under MiCAR, will be permitted, post 30 December 2024, to avail of a transitional period enabling them to continue to operate for up to 12 months or until their CASP authorisation is granted or refused, whichever is sooner the CBI says that in respect of firms not yet registered as VASPs its experience is that period of at least ten months is required to conclude the assessment of a VASP application. The CBI says such firms should focus their efforts on preparing for a CASP application (under MiCAR) rather than seeking a VASP registration at this time. For those VASPs that have already applied for a registration but have not reached the end point of the process, the CBI will continue to assess these applications and will engage bilaterally with these firms on the progress of their applications. Following Ramp Swaps (Ireland) Limited's registration as a VASP, the latest such registration in Ireland, there are now 13 registered virtual asset service providers in Ireland and potentially a few more to come. Get in touch with CompliReg and see MiCA Ready if you are looking to get a MiCAR authorisation in Ireland or elsewhere in Europe. Firms looking to get authorised in Ireland as a CASP or registered in near future as a VASP should note the following extracts from a speech today by Gerry Cross, Director for Financial Regulation, Policy and Risk at Blockchain Ireland's excellent event this week (see link at end of article)
Source: Technological innovation and financial regulation – a maturing relationship - Remarks by Gerry Cross, Director for Financial Regulation, Policy and Risk, Wednesday 29th May 2024 Linkedin Post: https://www.linkedin.com/posts/peteroakes_micar-virtualasset-activity-7201513163152834560-N6m7
Back to Blog
Sign up to the Fintech Ireland Newsletter here.
This blog and others are joint efforts between Fintech Ireland and CompliReg. First Published Tuesday 9th April 2024
Before we dive into the detail contained in the new (issued 9 April 2024) "Central Bank Expectations for Authorisation as a Payment Institution or Electronic Money Institution, or Registration as an Account Information Service Provider", a couple of things to note:
Back to Blog
All these issues, in themselves, are sufficient for a finding that, at the assessment interview, there was an absence of fair notice sufficient to conclude that this part of the process fell below the standard of constitutional fairness. We are unable to conclude that the decision reached was the correct and preferable decision. There were fundamental procedural flaws which were to be found at all three stages of the process. The Tribunal is satisfied that taken cumulatively – or even individually – the various procedures adopted by the Central Bank did not comply with the requirements of Constitutional and natural justice; including the necessity for fair notice; the duty to give reasons; and the observance of the principle of audi alterem partem. [Latin for "hear the other side"] Interested in the Central Bank of Ireland's internal and often called 'opaque' fitness and probity assessment process? In which case take the time to read this decision (link below) by the Irish Financial Services Appeals Tribunal - an independent body - to which appeals lay from Central Bank decisions. The Appeal involved a finding by the Central Bank that: "in its “opinion”, the Appellant was “unfit” to hold the two positions in question.". The Appellant, identified as AB, was applying for (as it was then) PCF2 (NED) and PCF3 (Chairman). While the identity of the Appellant is not made known, we know the person is male and he held "similar roles to those which he was applying for in Redhedge and other regulated entities in the same sector." The crux of the order appears at para 325 on page 79 of the decision (here): "We are unable to conclude that the decision reached was the correct and preferable decision. There were fundamental procedural flaws which were to be found at all three stages of the process. The Tribunal is satisfied that taken cumulatively – or even individually – the various procedures adopted by the Central Bank did not comply with the requirements of Constitutional and natural justice; including the necessity for fair notice; the duty to give reasons; and the observance of the principle of audi alterem partem." [[Latin for "hear the other side"] The impugned decision was one which had serious legal consequences, where fundamental legal and constitutional principles had to be applied in the course of performing the statutory functions The Central Bank called the Appellant to what is known as an “assessment interview” and then a “specific interview”. These made adverse findings. There followed a “minded to refuse” letter to the ultimate decision-maker. She largely confirmed these adverse findings and held the Respondent [i.e. the Central Bank] entitled to refuse the applications. There is a lot here for the Central Bank to consider and take stock of. And hopefully it does. While there was the appearance of fair procedure, there was an absence of its substance Summary of certain facts In summary (all the below are direct quotes from decision**):
Costs:
** to ensure that you are aware of the context from which the above quotes are extracted, do read the decision for yourself. A copy of the decision is located here Linkedin Post here. Do check out the Linkedin page as it contains lots of additional information. The Central Bank of Ireland issued a statement on its website saying:
Back to Blog
The announcement in the media that Coinbase is selecting Ireland as its EU regulatory headquarters has sparked quite a lot of discussion in crypto regulatory circles. Myself and a few others have been thinking about similarities between the race for a MiCAR authorisation [either from a standing start or from the position of already being a Virtual Asset Services Provider registrant in the EU] and the race for UK regulated firms needing an EU home post Brexit. In particular, I recall certain member states doing road shows on why a UK regulated firm should choose its country. While in Ireland, when challenged by the representative bodies and gatekeepers about doing more, the Central Bank of Ireland responded in speeches that it was in no one's interest to get involved in a race to the bottom. Will we not see something similar when it comes to MiCAR? Just because company A has a VASP registration in EU country A, it could make sense but, it doesn't necessarily follow that it will pursue a MiCAR authorisation in EU country A. That is more so the case, arguably, when they have VASP registrations in EU countries B, C and others (because there is no passporting). Therefore, and I am already seeing it myself, there are EU countries laying out their stall for your MiCAR authorisation regardless if you are (or not) already registered there as VASP. Some EU countries argue that their current VASP registration (& remember it was only ever intended to be a mere registration) is so robust and already aligned to MiCAR that you will find its offering a fast, efficient & effective way to getting the authorisation crown. I suspect other member states might take a political or supervisor risk-based decision not to exceed their obligations when dealing with a MiCAR authorisation and - potentially adding things into the authorisation process - to unintentionally but effectively killing-off an application. And, while it is great to hear of a large digital asset player laying down the marker that Ireland will be its EU regulatory home, I have lost count of how may MiFID, emoney and payment firms that have told me that "Ireland is the only country for our company", only to find that their view changes during the course of the authorisation process for whatever reason. I've seen companies apply elsewhere while pursuing an application in Ireland and I have spoken to some of those companies 18 months latter when they discovered the grass wasn't greener in the other EU member state. Against that backdrop, very interesting to read the Chair (Verna Ross) of European Securities and Markets Authority (ESMA) letter of 17 October 2023 to Nadia Calviño President of the Economic and Financial Affairs (ECOFIN) Council of the European Union, saying a number of important things about the MiCAR authorisation infrastructure. Of the many points made by ESMA in its letter, the following ones caught our eye.
The letter was cced to:
* Mairead McGuinness, Commissioner in charge of Financial Stability, Financial Services and Capital Markets Union, European Commission; * Irene Tinagli, Chair of the Committee on Economic and Monetary Affairs, European Parliament; * John Berrigan, Director-General, DG Financial Stability, Financial Services and Capital Markets Union, European Commission; * Thérèse Blanchet, Secretary-General of the Council of the European Union Union; * Claudia Lindemann, Head of the Secretariat of the Committee on Economic and Monetary Affairs, European Parliament
Back to Blog
Australia to regulate digital asset platforms
Regulating digital asset platforms - Australia What is this about? The Australian government intends to introduce a regulatory framework to address consumer harms in the crypto ecosystem while supporting innovation. The introduction of a regulatory framework for entities providing access to digital assets and holding them for Australians and Australian businesses is an important step in the government’s approach to crypto reform in the Australian context. The proposed regulatory framework would apply to digital asset platforms that present similar risks to entities that operate in the traditional financial system. It proposes to leverage the Australian financial services framework to regulate digital asset platforms to ensure consistent oversight and safeguards for consumers. The government seeks views from interested parties on the proposed framework for regulating digital asset platforms. Specific consultation questions are outlined within the paper. Responding You can submit responses to this consultation up until 01 December 2023. Interested parties are invited to comment on this consultation. While submissions may be lodged electronically or by post, electronic lodgement is preferred. For accessibility reasons, please submit responses sent via email in a Word or RTF format. An additional PDF version may also be submitted. All information (including name and address details) contained in submissions will be made available to the public on the Treasury website unless you indicate that you would like all or part of your submission to remain in confidence. Automatically generated confidentiality statements in emails do not suffice for this purpose. Respondents who would like part of their submission to remain in confidence should provide this information marked as such in a separate attachment. Legal requirements, such as those imposed by the Freedom of Information Act 1982, may affect the confidentiality of your submission. Key Documents
How To Respond
Financial System Division Treasury Langton Cres Parkes ACT 2600 Further Reading: https://treasury.gov.au/consultation/c2023-427004
Back to Blog
Bitcoin First Revisited - Why investors need to consider bitcoin separately from other digital assets (Fidelity Digital Assets) DOWNLOAD HERE The copyright in the report [and this blog] belongs to by Chris Kuiper and Jack Neureuter and Fidelity Digital Assets. STARTS:
Background In January 2022, we outlined Bitcoin’s unique characteristics, why they make Bitcoin fundamentally different from other digital assets, and why this is important for investors to consider. Over a year and a half later, Bitcoin continues to gain adoption and market share in the digital asset space, while other digital assets have faced separate headwinds. While we encourage those seeking a detailed understanding of Bitcoin’s unique value propositions to read the earlier overview, we aim to reiterate many of Bitcoin’s fundamental advantages below while contextualizing Bitcoin’s progress and position within today’s current digital asset market. Executive Summary Once investors have decided to invest in digital assets, the next question becomes, “Which one?” Of course, bitcoin is the most recognized, first-ever digital asset, but there are hundreds—even thousands of other digital assets in the ecosystem. One of the first concerns investors have regarding bitcoin is, as the first digital asset, it may be vulnerable to innovative destruction from competitors (such as the story of MySpace and Facebook). Another common consideration surrounding bitcoin is whether it offers the same potential reward or upside as some of the newer and smaller digital assets that have emerged. In this paper, we propose:
DOWNLOAD HERE The copyright in the report [and this blog] belongs to by Chris Kuiper and Jack Neureuter and Fidelity Digital Assets.
Back to Blog
CompliReg helps UK and EU fintech become authorised and works with them on regulatory, governance and compliance issues. Led by Peter Oakes, please get in touch HERE One for #emoney firms to take note of whether authorised in the UK or Ireland, and indeed throughout the EU.
This relates to the UK FCA finding that, in order to protect consumers, three clauses in an authorised and regulated regulated #fintech company's T&Cs (in the EU referred to as the Framework Contract) fell short of the Consumer Rights Act 2015. On 4 October 2023, the FCA published a Notice of Undertaking (the “Undertaking”) agreed with Wirex Limited (FRA #902025), citing the following T&Cs with: 1) Excluding liability as a result of account suspension. This provision excluded the firm’s liability for any losses suffered by consumers, should the firm suspend their account in accordance with the provision, irrespective of the circumstances. The FCA considered this to be unfair under the Act as it permitted the firm to deny consumers compensation to which they may otherwise be entitled due to such a suspension, even if the firm had caused the relevant loss. 2) Limitation of compensation available to consumers. The T&Cs purported to limit the sum of compensation a consumer was entitled to receive in the event of a loss to the sum the consumer had paid to the firm in the year prior to making the claim. The FCA considered that this term derogated from the position under national law, as it limited a consumer’s right to obtain the proper amount of compensation in the event of a contractual breach by the firm. The FCA considered that the firm could not reasonably assume a consumer would have agreed to such a term in individual negotiations, because a consumer would most likely expect that if the firm had done something wrong and caused them loss, they would be entitled to commensurate compensation regardless of what they had paid to the firm. 3) Exclusion of commitments that may be implied by law. The T&Cs included a term that enabled the firm to exclude any commitments that may be implied by law, to the extent that it was permitted to do so. The FCA was concerned that this provision lacked adequate transparency, as consumers were unlikely to be aware of the extent to which the firm would be able to exclude their liability under obligations implied by law. Wirex Limited has:
According the FCA's register, Wirex Limited has been an "Authorised Electronic Money Institution" since 17/08/2018. Further reading:
Back to Blog
If you are struggling with an application for an electronic money or payments institution authorisation in Europe, contact us here and/or complete the Authorisation/Licence Enquiry Form here. If you are looking at becoming authorised in Ireland as an emoney institution or payments institution check out Fintech Ireland's and CompliReg's authorisation guides here. According to recent figures, it may take as little as 4 months to become authorised as an electronic money or payments institution in the EEA and as long as 15+ months. Whereas in the UK the experience, towards the higher end, is 13-15 months but can be shorter.
The only sure fire way to reduce the amount of time that your application for authorisation takes to be successfully completed is through preparation and the right choice of advisers. Our team is experienced in the authorisation process of EEA and UK regulators and in addition to successfully advancing emoney, payments and MiFID authorisations has also worked on the successful authorisation of an EU bank. Contact us here and follow Peter Oakes and CompliReg on Linkedin.
Back to Blog
Barclays wins UK Supreme Court case over push payment fraud - but it's not over, yet!Wednesday 12th July 2023 - Barclays wins UK Supreme Court case over push payment fraud - but it is not over until the fat lady sings! Definitely important for Irish banks, #fintech &consumers alike when it comes to #paymentfraud. This is especially so because Ireland doesn't have the exact equivalent of the new UK's FCA 'consumer duty', which to my mind is not detrimentally impacted by the decision. While English court decisions are not binding in Ireland, Irish courts may be persuaded by English (and other jurisdiction's courts) decisions. English decisions are very often cited in Irish courts. Thus this decision by the UK Supreme Court is very important. Details:
Upshot: The UK Supreme Court stated that the order of the judge in previous proceedings granting Barclay's summary judgment stands. Mrs Phiilipp's is done but not out in her attempts to recover the £700,000: Mrs Philipp is permitted to maintain an alternative claim based on the Bank's alleged failure to act promptly to try to recall the payments after the fraud was discovered. In the Court's view, the questions (i) whether the Bank owed such a duty and (ii) whether there was any realistic chance that the money would have been recovered if attempts had been made to recall the payments sooner cannot be decided without a fuller investigation of the facts. This alternative claim should therefore not have been summarily dismissed. Mrs Philipp has an alternative claim that the Bank was in breach of duty in not acting promptly to try to recall the payments made to the UAE after being notified of the fraud. In the Court's view, the questions (i) whether the Bank owed such a duty and (ii) whether there was any realistic chance that the money would have been recovered if attempts had been made to recall the payments sooner cannot be decided without a fuller investigation of the facts. This alternative claim should therefore not have been summarily dismissed. New UK FCA Consumer Duty: By the way, under the UK Consumer Duty, firms must take proactive & reactive steps to avoid causing harm to customers through their conduct, products or services where it is in a firm’s control to do so. The FCA has specifically stated that an example of 'causing harm' is where consumers become victims of scams relating to their financial products for example, due to a firm’s inadequate systems to detect/prevent scams or inadequate processes to design, test, tailor and monitor the effectiveness of scam warning messages presented to customers. In fact on page 99 of its final guidance, the FCA provides a 'good example' of circumstances of how a payments firm should consider how it can best design its processes to help identify suspicious payments and mitigate the risk of poor customer outcomes.
|