Compliance Considerations: EU Financial Services Sector
Financial crises stimulate the compliance functions to develop and widen the range of tasks. In recent years, many financial firms have significantly expanded their compliance functions. Despite this, they have come under significant strain as a result of the COVID-19 pandemic. As companies assess the impact and embrace the new reality, there is an increasing awareness of the need to improve the efficiency and effectiveness of the compliance function. In this article, we consider these matters within the EU and EEA.
Compliance Considerations: EU Financial Services Sector
Financial crises stimulate the compliance functions to develop and widen the range of tasks. In recent years, many…
The current conditions
Compliance functions have expanded their activities primarily by moving to more automated monitoring and surveillance. The regulatory transformation process has affected not only the resilience and regulatory requirements of banking systems but also many digital operations, anti-money laundering procedures, governance, and individual accountability requirements. While some of these initiatives have undoubtedly enabled financial firms to become more resilient, COVID-19 has, nevertheless, presented them with significant new stresses. During this period, the financial sector has been instrumental in supporting the economy and is now trying to understand and manage the associated risks.
Consequently, governments and regulators are taking several measures to mitigate the impact of the pandemic on global financial stability. However, regulatory changes are still dynamic. Among measures to get financial institutions back on track for recovery include:
- Eased the implementation dates of new regulations;
- Extended the submission deadlines for existing regulatory reports;
- Suspended non-critical supervisory examination activities.
Either way, many financial institutions faced operational, financial, risk, and regulatory compliance implications. The pandemic became a test of strength and revealed many of the shortcomings of legacy technologies and processes, as well as the need for large-scale improvements to compliance systems.
Across the EU, regulators continue to refine existing regulations introduced in the wake of the financial crisis and are currently redoubling their efforts in policy areas such as anti-money laundering (AML), data protection, and environmental, social, and governance (ESG) risks.
But what regulatory changes should financial institutions expect in the coming years?
Referring to the action plan for AML / CTF (Counter-Terrorism Financing) published by the EU in May 2020. The six-point document set up a single rule book, an EU-level supervisory body, and a coordination and support mechanism for Member States’ financial intelligence units. The package of legislative proposals includes:
- A new EU AML Authority (AMLA). It will not be valid until 2024 and the regulation will not apply for three years after its publication in the Official Journal of the EU. However, there are a number of tentative dates to consider for the financial services industry.
- 6th Directive on AML/CFT. It mainly deals with the rules of national supervisors, financial intelligence units, and national risk assessments, and will replace the existing Directive 2015/849 / EU.
- New regulation on AML/CFT.
- Revision of the 2015 Regulation on Transfers of Funds.
The UK as no longer being subject to EU AML Directives but still is largely consistent with the provisions of 6MLD. However, once the EU AML Regulation is in effect, it begs the question as to how the UK’s regime will measure against the EU Member States.
The Financial Action Taskforce (FATF) plenary of 2021 highlighted the role of new technologies to improve the speed, quality, and effectiveness of anti-money laundering and terrorist financing measures. Ultimately, this will help financial institutions to more accurately, timely, and comprehensively assess these risks. The Strategic Initiative seeks to ensure that governments continue to implement effective risk-based FATF standards and ensure that new and emerging loopholes are not exploited by criminals and terrorists.
2022 is expected to be a challenging year for regulators and financial institutions as several key AML regulatory changes lie ahead, as well as a closer focus on data privacy and ESG. By accelerating digital transformation and automating risk assessment and compliance processes, financial institutions will be better equipped to identify and mitigate risks.
Close ties with business
Here are the main business activities that are critical to compliance:
- Taking responsibility for customer due diligence and other financial crime regulations, including conducting surveillance activities.
- Commitment to using advanced technology to flexibly respond to future changes in external conditions within the new reality.
- Adaptation to evolving business models and organizational structures, such as the UK exit from the EU, competitive pressures, and broader market development.
In turn, compliance functions must adapt to changes in the business itself to effectively support the business, considering the growing use of data and technology. They need to move from conservative functions to more strategic and predictive ones.
Risks and benefits of new technology
The use of new technologies such as artificial intelligence and virtual currencies, aside from algorithmic and operational benefits, also introduces new risks that fall under the scope of compliance and regulation. This has created uncertainty concerning potential asset bubbles and concerns about money laundering, ransomware attacks, and even ESG’s “mining” concerns.
Essentially, technology is a mechanism by which effectiveness and efficiency can be delivered, but as we can see, it is not free from risk. In the short term, сompliance functions will need to keep pace as regulators start to determine how best to regulate these spheres. To date, meeting all the financial services compliance requirements is just half of it. The other half is to ensure proper security.
- Data security check, storage, and asset storage plan.
- Automation of key process controls.
- Ensuring timely awareness of policy changes.
- Conducting audits to find and report faulty controls or any suspected misconduct. This is especially important in the context of regulatory uncertainty to ensure transparency.
- Periodically review and update risk thresholds.
- In case of regulatory changes, ensuring effective organizational change management such that it does not disrupt the operational business functions.
Finscanner is set to bring you the latest and most relevant financial data, however, the information above is of a general nature and is not intended to address the private circumstances of any particular individual or entity.
For any other questions feel free to contact us directly.