SCANNING SEPTEMBER 2017
European Regulatory Watch Newsletter
CMU - Commission publishes EPTF report and consults on barriers to post-trade services across financial markets
In November 2001 and April 2003, the EU Commission's mandated expert group, known as the "Giovannini Group", produced two reports on 'Cross-Border Clearing and Settlement Arrangements in the EU' (the "Giovannini Reports", respectively available here and here).
In September 2015, the EU Commission adopted an action plan on building a capital markets union (COM(2015) 468 final - the "CMU Action Plan", available here). The CMU Action Plan noted that there are still barriers to a single market for capital, particularly for cross-border investment in the EU. This concerns in particular post-trade services (e.g. clearing, settlement and collateral management). These barriers have not been reviewed since the Giovannini Reports, although major regulatory changes relating to post-trade have taken place (e.g. EMIR, CSDR, SFTR, Target2-Securities).
As part of the CMU Action Plan, the EU Commission established the European Post-Trade Forum in 2016 (the "EPTF") to assess the evolution of the EU post-trade landscape and progress in removing Giovannini barriers.
On 8 June 2017, the EU Commission communicated on the mid-term review of the CMU Action Plan (COM(2017) 292 final - the "CMU Mid-Term Review", available here).
On 23 August 2017, the EU Commission issued its consultation document 'on post-trade in a Capital Market Union: dismantling barriers and strategy for the future' (the "Consultation Document").
The Consultation Document seeks to gather views on a range of issues divided into the following sections:
- EU and global trends, new technologies and competition in post trade;
- Remaining barriers and solutions to remove them.
On the same date, the EPTF published its first report (the "EPTF Report). The EPTF Report (i) lists those Giovannini barriers that have not yet been dismantled as well as describing new barriers ("EPTF Barriers") and bottlenecks, and (ii) tries to establish priorities in addressing these perceived obstacles on the way to achieving a true CMU.
It is to be noted that EPTF Barriers 4 and 11 (i.e. inconsistent application of asset segregation rules for securities accounts, and legal uncertainty as to ownership rights in intermediated securities and third party effects of assignment of claims) are not covered in the Consultation Document.
The Consultation Document is available here.
The EPTF Report is available here.
Feedback on the Consultation Document shall be submitted to the EU Commission by 15 November 2017.
The results of this consultation will contribute to future legislative reviews and the communication on post-trade planned for the end of 2017 pursuant to the CMU Mid-Term Review.
CRD IV - Amending implementing regulation on benchmarking portfolios and reporting instructions published in the OJEU
The Directive 2013/36/EU on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms is applicable since 1 January 2014 ("CRD IV", available here).
Pursuant to Article 78(1) of CRD IV, institutions are required to submit the calculations of their internal approaches at least annually. Since the focus of the competent authorities' assessments and of the EBA's reports change over time, exposures or positions that are included in the benchmarking portfolios, and therefore in the reporting requirements, should be adapted accordingly.
On 22 December 2016, the EU Commission implementing regulation (EU) 2016/2070 laying down implementing technical standards for templates, definitions and IT-solutions to be used by institutions when reporting to the EBA and to competent authorities in accordance with Article 78(2) of CRD IV entered into force (the "Implementing Regulation 2016/2070", available here).
What's new ?
The Implementing Regulation 2017/1486 entered into force on 20 September 2017.
Pursuant to Article 2 of the Implementing Regulation 2017/1486, an institution shall submit the information referred to in Articles 2 and 3 of the Implementing Regulation 2016/2070 (respectively information for credit risk and for market risk) to competent authorities by 30 September 2017.
The Q&As on APM is intended to be continually edited and updated as and when new questions are received.
Cross-border regulation - EU Commission issues a Proposal for a Regulation on free flow of non-personal data
The Treaty on the Functioning of the European Union was published in the OJEU on 7 June 2016 and is effective since 01 December 2009 (the "TFEU", available here). The TFEU Articles 49 and 56 provide for freedom of establishment and freedom to provide services within the EU single market. They are also applicable to business in the EU digital single market (the "DSM").
Various barriers that do not exist in the physical EU single market still exist in the DSM. They include legal uncertainty and unjustified restrictions which hinder storing or otherwise processing electronic non-personal data outside a specific geographic location. This concerns data that is used, for instance, in accounting, tax, company legal records and other commercial matters. The obstacles vary stemming from, for instance, rules, administrative guidelines or practices, contractual and technical matters.
The currently existing EU secondary legislation in the field of information and communication technology services and data protection does not remove barriers to mobility of non-personal data. There is necessity for new EU uniform rules in addition to:
- Directive 2000/31/EC (the "Electronic Commerce Directive", available here),
- Directive 2006/123/EC (the "Services in the Internal Market Directive", available here),
- Directive (EU) 2015/1535 (the "Transparency Directive", available here),
- Regulation (EU) 2016/679 (the "General Data Protection Regulation", available here),
- Directive (EU) 2016/680 (the "Police Directive", available here),
- Directive 2002/58/EC ("Privacy and Electronic Communications Directive", available here).
On 2 July 2014, the EU Commission issued a communication to the EU Parliament, Council, the EESC and the COR presenting a vision for the data-driven EU economy where the availability of good quality, reliable and interoperable datasets is an essential enabler for new services in the DSM (the "Communication", available here).
Building on the Communication, on 6 May 2015, the EU Commission published a strategy outlining a set of concrete actions for reducing barriers to free flow of data in the DSM (the "DSM Strategy," available here).
On 10 May 2017, the midterm review of the DSM Strategy announced that by autumn 2017 the EU Commission will prepare a legislative proposal on the EU free flow of data cooperation framework (the "DSM Strategy Midterm Review", available here). This would take into account the principle of porting non-personal data, including when switching business services like cloud services as well as the principle of availability of certain data for regulatory control purposes also when it is stored in another EU Member State.
On 13 September 2017, the EU Commission issued a proposal for a regulation of the EU Parliament and of the Council on a framework for the free flow of non-personal data in the EU (COM2017) 495 final - the "Proposed Regulation").
The Proposed Regulation pursues the creation of an effective EU single market for provision of electronic data hosting (storage) and other processing services. It should apply to these services in the broadest sense, encompassing the usage of all types of IT systems, whether located on the premises of the user or outsourced to data storage or other processing service provider.
The Proposed Regulation:
- establishes the principle of free movement of electronic data other than personal data in the EU,
- prohibits any data localisation requirement, unless it is justified on grounds of public security,
- provides for the review of existing data localization requirements and notification of remaining or newly modified requirements to the EU Commission, to enable their assessment,
- provides for transparency by requiring to publish details of any data localization requirements.
- aims to ensure data availability for regulatory control by competent authorities,
- stipulates that users may not refuse to provide access to data to competent authorities for regulatory control purposes (e.g. for inspection, audit, taxation, business register) on the basis that data is stored or otherwise processed in another EU Member State,
- enables a competent authority which has exhausted all applicable means to obtain access to the data, to request the assistance of an authority in another EU Member State,
- provides for procedural conditions applicable to the assistance between the authorities;
- encourages self-regulation - service providers and professional users shall develop codes of conduct (the "Codes") on information to be provided to users of data storage or other processing services,
- explains that the Codes should detail the information on data porting conditions that providers should make available to their professional users clearly before a contract is concluded,
- provides that the EU Commission would review the effective implementation of the Codes within 2 years after the start of application of the currently Proposed Regulation;
- requires that, each EU Member State designates a single point of contact which shall liaise with the points of contact of other EU Member States and the EU Commission regarding the application of the Proposed Regulation.
The Proposed Regulation is available here.
The EU Commission has put the Proposed Regulation forward for adoption by the EU Parliament and the Council of the EU.
If it will be adopted, the Proposed Regulation will start to apply 6 months after the day of its publication in the OJEU.
The EU Commission will review the Proposed Regulation within 5 years after the start of its application.
CRR - Commission issues RTS on asset encumbrance disclosure
The Regulation (EU) 575/2013 of 26 June 2013 on prudential requirements for credit institutions and investment firms applies since 1 January 2014 ("CRR", available here).
According to Article 443 of CRR, the EBA is empowered to develop draft regulatory technical standards ("RTS") on unencumbered assets taking into account the Recommendation ESRB/2012/2 of 20 December 2012 on the funding of credit institutions (the "ESRB Recommendation", available here).
The EBA supervisory reporting requirements specify that an asset shall be treated as being encumbered if it has been pledged or if it is subject to any form of arrangement to secure, collateralise or credit enhance any transaction from which it cannot be freely withdrawn. It is to be noted that the EBA mandate in Article 443 of CRR only refers to unencumbered assets, whereas the ESRB Recommendation also refers to encumbered assets. Hence, the EBA has drawn up the RTS and the accompanying templates to cover both encumbered and unencumbered assets.
On 27 June 2014, the EBA published its final guidelines on disclosure of encumbered and unencumbered assets, which have been drafted in accordance with ESRB Recommendation D (EBA/GL/2014/03 - the "Guidelines", available here). In September 2015 and in June 2016, the EBA published its report on asset encumbrance (respectively available here and here).
On 3 March 2017, the EBA published its final report concerning the draft RTS on disclosure of encumbered and unencumbered assets under Article 443 of CRR (EBA/RTS/2017/03 - the "Final Draft RTS", available here). The Final Draft RTS are addressed to institutions and provide three disclosure templates (i.e. amount of encumbered and unencumbered assets under the applicable accounting framework, information on collateral received by asset type, and liabilities associated with encumbered assets and collateral received) to be completed and disclosed, along with narrative information on the importance of encumbrance in the funding model of the institution.
In the Final Draft RTS, smaller institutions which do not have material levels of asset encumbrance, as well as investment firms, are exempt from disclosing information on the quality of encumbered and unencumbered assets, so as to avoid incurring disproportionate costs. In order to facilitate the disclosure of the quality criteria for large institutions, these requirements shall be implemented one year after the entry into force of the relevant EU Commission delegated regulation.
On 4 September 2017, based on the Final Draft RTS, the EU Commission issued its delegated regulation supplementing CRR with regard to RTS for disclosure of encumbered and unencumbered assets (C(2017) 5959 final - the "Delegated Regulation").
The Delegated Regulation is available here.
The annexes I and II to the Delegated Regulation are available here.
The Delegated Regulation is subject to the right of the EU Parliament and the Council of the EU to express objections.
The final version of the Delegated Regulation shall enter into force on the twentieth day following that of its publication in the OJEU.
EMIR - ESMA publishes final guidelines on portability of data between trade repositories
EMIR requires ESMA to define Guidelines to ensure a smooth and adequate reporting of data by Trade Repositories (TRs) even in the case of a change of TR, whatever the reason for this change.
On 24 August 2017 ESMA has published the final report on its Guidelines on portability of data between trade repositories.
These Guidelines apply in relation to:
- The reporting without duplication of details of derivatives by counterparties and CCPs.
- The transfer of derivatives data between TRs at the request of the counterparties to a derivative, or the entity reporting on their behalf, or in the situation of the withdrawal of registration of a TR.
- The record keeping of details of derivatives.
The Guidelines are available here.
The Guidelines will become applicable on 16 October 2017 and will require assessment on the compliance by the TRs with these Guidelines on an annual basis.
EuSEF/EuVECA - Parliament plenary votes on amending proposal regulation
The Regulation (EU) No 345/2013 on European Venture Capital Funds ("EuVECA Regulation", available here) and the Regulation (EU) No 346/2013 on European Social Entrepreneurship Funds ("EuSEF Regulation", available here) apply since 22 July 2013.
These Regulations provide for a common EU framework for the managers of EuVECA and EuSEF and for harmonised passporting rules in order to manage and market funds in the EU with the specific and EuVECA and EuSEF labels. While EuVECA funds support young and innovative companies, EuSEF focus on enterprises whose aim is to achieve positive social impact.
On 14 July 2016, the EU Commission published its impact assessment (available here) and its proposal regulation amending the EuVECA Regulation and the EuSEF Regulation (COM(2016) 461 final – the "EC Proposal", available here), in view of the following operational objectives:
- Remove limitations for larger managers to manage EuSEF and EuVECA funds and dual registration requirements;
- Strike the right balance between the need to have a light touch regime and a sufficient level of investor protection;
- Streamline the rules for marketing and managing EuSEF and EuVECA funds.
On 6 December 2016, the Council of the EU issued its compromise text on the EC Proposal (2016/0221 (COD) – the "Council Proposal", available here).
On 30 March 2017, the EU Parliament issued its report with amendments to the EC Proposal (A8-0120/2017 – the "Parliament Proposal", available here).
Against this background, the EU Parliament and the Council of the EU reached a provisional political agreement in trilogue on 30 May 2017 (the "Compromise", available here and here).
On 14 September 2017, based on the Compromise, the EU Parliament plenary voted at first reading on a legislative resolution to adopt a regulation amending the EuVECA Regulation and the EuSEF Regulation (the "Adopted Text").
The Adopted Text most notably introduces the following amendments:
- Widening the range of managers eligible to set-up and manage EuSEF and EuVECA funds to include those with assets under management of more than €500 million;
- Widening the range of firms that EuVECA funds can invest in to include unlisted companies with up to 499 employees;
- Broadening the definition of enterprises that EuSEF can invest in to include "services and goods generating social return";
- Enabling EuSEF and EuVECA registered managers to market their funds across the EU; and
- Giving the ESMA an oversight role to ensure that EuSEF and EuVECA funds are consistently registered and supervised.
The Adopted Text is available here.
The final version of the Adopted Text shall enter into force on the twentieth day following that of its publication the OJEU and shall apply three months following its entry into force date.
Market Abuse - ESMA updates Q&As document on the Market Abuse Regulation
On 16 April 2014 the European Parliament and the Council issued a regulation (EU) No 596/2014 on market abuse and repealing Directive 2003/6/EC of the European Parliament and of the Council and Commission Directives 2003/124/EC, 2003/125/EC and 2004/72/EC ("MAR”, available here). It came into effect on 3 July 2016.
MAR aims at increasing market integrity and investor protection, enhancing the attractiveness of securities markets for capital raising.
ESMA is required to play an active role in building a common supervisory culture by promoting common supervisory approaches and practices. It does this by providing responses to questions raised by the general public and competent authorities in relation to the practical application of MAR.
On 4 September 2017 ESMA has published an updated version of its Q&As document on MAR.
The updated sections refer to the following:
- situation of non-financial firms as regards the notion of “persons professionally arranging and executing transactions”;
- scope of financial instruments subject to the market sounding regime under MAR; and
- situation of external firms as regards the insider list requirements and responsibility of the issuer.
The updated ESMA Q&As document on the MAR is available here
This Q&As document on MAR is intended to be continually edited and updated as and when new questions are received.
MiFID II - ESMA updates its MiFID II Q&As
The MiFID II Directive encompasses the rules on governance, products, investors’ protection and information disclosure.
MiFID II and MiFIR, together with the Commission delegated acts as well as regulatory and implementing technical standards, will be applicable from 3 January 2018.
The purpose of the Questions and Answers (Q&As) documents is to promote common supervisory approaches and practices in the application of MiFID II and MiFIR.
On 12 September 2017 ESMA has updated its Q&As on practical questions regarding market structures topics under MiFID II and MiFIR.
The 4 new questions are all related to access to CCPs and trading venues issues:
- Timing and procedure of notification for temporary opt-out under Article 36(5) MiFIR: trading venues should notify their intention to temporarily opt-out of the access provisions to ESMA at the very latest by the end of September 2017.
- Exemptions under Article 36(5) and Article 54(2) of MiFIR: MiFIR provides for two transitory arrangements with respect to exchange traded derivativess, in case the European Commission decides not to temporarily exclude ETDs from the scope of Articles 35 and 36 of MiFIR.
- Timing of application for transitional arrangements under Article 54(2) of MiFIR: Article 54(2) of MiFIR does not establish any timing other than indicating that CCPs and trading venues must submit the application before the entry into force of MiFIR.
- Limitation of access rights following exemption under Article 36(5) of MiFIR: CCPs with close links to trading venues that benefit from the exemption under Article 36(5) of MiFIR have their access rights restrained to exchange-traded derivatives ‘within the relevant threshold’.
ESMA’s updated Q&A on MiFID II and MiFIR market structures is available here.
ESMA will periodically review these Q&As and update them where required.
MiFID II/MiFIR – Commission Reports conclude that there is no need to temporarily exclude ETDs from the scope of Art. 35 and 36 of MiFIR
The Regulation (EU) 600/2014 on markets in financial instruments entered into force on 2 July 2014 and will apply as from 3 January 2018 ("MiFIR", available here).
MiFIR defines an exchange-traded derivative ("ETD") as a 'derivative that is traded on a regulated market or on a third-country market considered to be equivalent to a regulated market' and as such does not fall into the definition of an OTC derivative as defined in the Regulation (EU) 648/2012 ("EMIR", available here).
Articles 35 and 36 of MiFIR, which specify transparent and non-discriminatory access to CCPs and trading venues for ETDs, aim at strengthening competition between trading venues and CCPs, and ultimately reducing costs for end-investors.
Against this background, the EU Commission is required to report to the EU Parliament and to the Council of the EU under Article 52(12) of MiFIR on the need to temporarily exclude ETDs from the scope of Articles 35 and 36 of MiFIR for up to 30 months following 3 January 2018.
On 4 April 2016, the ESMA published its risk assessment report on the temporary exclusion of ETDs from Articles 35 and 36 of MiFIR (ESMA/2016/461 - the "Risk Assessment", available here).
On 11 September 2017, based on the Risk Assessment, the EU Commission issued its report on the need to temporarily exclude ETDs from the scope of Articles 35 and 36 of MiFIR (COM(2017) 468 final - the "Report").
In the Report, the EU Commission outlines that the implementation of open and non-discriminatory access to ETDs under MiFIR might raise particular risks in relation to (i) the concentration of the trading and the clearing activity in vertically integrated groups, and to (ii) the potential multiplication of interoperability arrangements that would substantially raise the level of complexity in the overall risk management of interoperable CCPs.
However, the EU Commission considers that the current regulatory framework in MiFIR and EMIR address the potential risks identified (e.g. MiFIR gives the possibility for CCPs, trading venues, and relevant authorities to deny access to the relevant infrastructure).
On this basis, the EU Commission concludes that it is not necessary to temporarily exclude ETDs from the scope of Articles 35 and 36 of MiFIR.
The Report is available here.
UCITS/AIFM - EFAMA releases statistical report on European investment fund industry trends in Q2 2017
The European Fund and Asset Management Association (the "EFAMA") regularly publishes research results and statistical data on trends in European and international investment fund industry.
Since 2011, the EFAMA releases quarterly statistical reports which focus on net assets and net sales of investment funds domiciled in Europe, whilst also presenting a commentary on the trends in the industry during the corresponding period (the "Quarterly Reports").
The Quarterly Reports also provide a country breakdown of the net assets and net sales of UCITS during the corresponding period. Aggregated data on non-UCITS funds, as well as the number of UCITS and non-UCITS funds are also considered.
The EFAMA has published all 4 Quarterly Reports regarding year
- 2015 (available: Q1 here, Q2 here, Q3 here, Q4 and the full year here) and
- 2016 (available: Q1 here, Q2 here, Q3 here, Q4 and the full year here).
On 9 June 2017, the EFAMA released the 1st of its Quarterly Reports analysing 2017 data, (No. 69 - the "Q1 2017 Report", available here).
On 18 September 2017, the EFAMA published the 2nd of its Quarterly Reports on 2017 trends in the European investment fund industry (No. 70 - the "Q2 2017 Report").
In comparison with the Q1 2017 Report and those of the previous years, the Q2 2017 Report describes the developments as outlined below.
- The combined net sales of UCITS and AIF reached €245 bn, compared to €264 bn in Q1 2017.
- UCITS registered net inflows of €174 bn, compared to net inflows of €202 bn in Q1 2017. In the first half of 2017, UCITS funds attracted €377 bn in net new money, compared to €271 bn recorded throughout the entire year 2016.
- Long-term UCITS, i.e. UCITS excluding money market funds, recorded solid net inflows amounting to €188 bn, the highest level since Q1 2015. All categories of long-term UCITS registered positive net inflows during Q2 2017. Net sales of equity funds rose to €35 bn and net sales of multi-asset funds increased to €54 bn in Q2 2017. Net sales of bond accelerated from €75 bn in Q1 to a record-breaking €93 bn in Q2 2017.
- UCITS money market funds saw a reversal in net sales this quarter, recording net outflows of €13 bn compared to net inflows of €52 bn in Q1 2017.
- AIF recorded net inflows of €70 bn in Q2 2017, up from €62 bn in the first quarter. So far this year, AIF have garnered net sales of €132 bn in net sales, compared to €187 bn during the whole of 2016.
- Total net assets of the European investment fund industry increased by 0.6 % to €14,894 bn at end Q2 2017. Both UCITS and AIF net assets grew to reach €9,171 bn and €5,723 bn, respectively.
The Q2 2017 Report is available here.
In December 2017, the EFAMA will release European statistical report on Q3 2017.
Financial Markets - LuxSE communicates on LEI code
According to the 2017 report to G20 Leaders on the implementation and effects of the G20 financial regulatory reforms (available here), the Global Legal Entity Identifier System ("GLEIS") has issued over 500’000 LEIs in 195 countries and started collecting information on parent entities in May 2017. This 20-digit unique identifier is used in two-thirds of FSB jurisdictions to support regulatory activities, for instance in connection with financial transaction reporting (e.g. under Article 26 of MiFIR or under Article 4 of MAR).
The FSB established a framework composed of local entities known as "Local Operating Units" for assigning LEIs, and a central entity known as "Central Operating Units" to ensure consistency. In this context, the LEI Regulatory Oversight Committee ("ROC") ensures compliance with the principles approved by the G20.
On 26 July 2017, the LEI ROC launched a public consultation on corporate actions and data history in the Global LEI System (the "Consultation", available here). Responses to the Consultation are invited by 29 September 2017.
Against this background, ESMA has developed guidelines (e.g. MiFID II/MiFIR Guidelines, available here) to ensure that the application of LEI within the EU complies with international standards, in particular those established by the FSB.
On 10 August 2017, the LuxSE published a communication on its obligation, due to the GLEIS framework echoed in MiFID II/MiFIR and MAR, to collect a LEI code from the following issuers (the "Communication"):
- Any issuer operating on its regulated market (i.e. Bourse de Luxembourg); and
- Any issuer operating on its multilateral trading facility (i.e. Euro MTF).
In addition, the LuxSE will communicate such LEI code to the relevant supervisory authorities.
The Communication is available here.
The above-mentioned issuers are kindly requested to provide the LuxSE per email with their (valid) LEI code before 15 September 2017.
GDPD/GDPR - Bill 7184 submitted to Parliament
The Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data shall apply as from 25 May 2018 (the "GDPR", available here).
The Directive (EU) 2016/680 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data shall be transposed into national law by 6 May 2018 (the "GDPD", available here).
On 10 August 2017, the Luxembourg Minister of Justice submitted the bill 7168 implementing certain provisions of the GDPD to the Luxembourg Parliament (the "Bill 7168", available here only in French).
Under the current Luxembourg regulatory framework, the National Commission for Data Protection ("Commission Nationale pour la Protection des Données" - "CNPD") is an independent authority created by the Act of 2 August 2002 on the protection of individuals with regard to the processing of personal data (available here).
On 12 September 2017, the Luxembourg Minister for Communications and Media submitted the bill 7184 entitled the 'Law dd/mm/yyyy establishing the National Commission for Data Protection and the general data protection regime' to the Luxembourg Parliament (the "Bill 7184").
For clarity purposes, the Bill 7184 shall be read in conjunction with the GDPR and the Bill 7168.
The Chapter I of the Bill 7184 shall establish/adapt the organic law of the CNPD (hence the Act of 2 August 2012 shall be repealed), in order to grant the CNPD the new powers that will be necessary to carry out its assigned tasks under the GDPR/GDPD, most notably as follows:
- As independent Luxembourg ex-post supervisory authority, the CNPD shall be responsible for monitoring and verifying that personal data are processed in accordance with the GDPR and the final version of the law introduced by the Bill 7168. However, the CNPD shall not be competent for supervising personal data processing operations by judicial (including the public prosecutor's office) and administrative jurisdictions in their judicial role;
- The CNPD shall have the right to participate in the activities of the European Data Protection Board;
- Within the limits of its remit and role, the CNPD shall have the powers set out in Article 58 of the GDPR and Article 47 of the GDPD;
- Within the limits of its remit and role, the CNPD shall have the power to adopt regulations (e.g. on the amount and modalities of payment of operating fees), which shall be published in the Luxembourg's official journal and on the CNPD's website;
- The CNPD shall accredit the certification bodies for data protection as referred to in Article 43(1) of the GDPR;
- The CNPD may impose effective, proportionate and dissuasive administrative fines as provided for in Article 83 of the GDPR, including on legal bodies governed by public law.
Moreover, the Chapter II of the Bill 7184 shall concern specific processing situations as provided for in the GDPR. In particular, Luxembourg shall by law (i) reconcile the right to the protection of personal data with the right to freedom of expression and information, (ii) specify safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, and (iii) provide conditions for processing of special categories of personal data by health services. These provisions shall apply to any data controller or processor established in Luxembourg.
The Bill 7184 is available here (only in French).
The Luxembourg Conference of Presidents will order the Bill 7184 referral to a parliamentary committee for discussion.
It is scheduled that the final version of the Bill 7184 as voted by the Luxembourg Parliament shall enter into force on 25 May 2018 (aligned with the application date of the GDPR).
In order to ensure flexibility in the event of an increase in staff capacity, the headquarters of the CNPD shall be determined by Grand-Ducal regulation.
MiFID II/MiFIR - CSSF issues Circulars 17/668 transposing ESMA Guidelines
In accordance with Article 48(5) paragraph 1 of MiFID II, 'Member States shall require a regulated market to have in place effective systems, procedures and arrangements to ensure its trading systems are resilient, have sufficient capacity to deal with peak order and message volumes, are able to ensure orderly trading under conditions of severe market stress, are fully tested to ensure such conditions are met and are subject to effective business continuity arrangements to ensure continuity of its services if there is any failure of its trading systems'.
In this context, the ESMA published its guidelines on the calibration of circuit breakers and publication of trading halts on 6 April 2017 (ESMA70-872942901-63 - the "Guidelines on Circuit Breakers", available here). The Guidelines on Circuit Breakers apply to trading venues that allow or enable algorithmic trading on their systems and to national competent authorities ("NCAs").
The second paragraph of Article 48(5) of MiFID II determines that trading venues shall report the parameters for halting trading and any material changes to those parameters to their NCA in a consistent and comparable manner, and that the NCA shall in turn report them to the ESMA.
On 17 July 2017, the ESMA published its policy on reporting of circuit breakers' parameters by NCAs to the ESMA (ESMA70-154-264 - the "Policy", available here).
On 23 August 2017, the CSSF issued its circular 17/668 concerning the Guidelines on Circuit Breakers and details on reporting of circuit breakers' parameters (the "Circular 17/668").
The Circular 17/668 is addressed to all regulated markets, market operators, credit institutions, investment firms and market operators operating an organised trading facility ("OTF") or a multilateral trading facility ("MTF").
The aim of the Circular 17/668 is to transpose the Guidelines on Circuit Breakers and the Policy into the Luxembourg regulatory framework.
The Circular 17/668 is available here (only in French).
The Circular 17/668 enters into force on 23 August 2017.
The CSSF highlights that trading venues shall apply the provisions included in the Circular 17/668 as from 3 January 2018.
FinTech - BCBS consults on sound practices for banks and bank supervisors
In recent years, sizeable investments have been made by both banks and venture capital funds in financial technology (or "fintech"), indicating the expectations for substantial change.
Against this background, the BCBS mandated a task force to analyse fintech innovations and emerging business models in the banking sector. The BCBS has opted to use the FSB's working definition for "fintech" as 'technology-enabled innovation in financial services that could result in new business models, applications, processes or products with an associated material effect on the provision of financial services' (available here).
On 4 August 2017, the EBA published a discussion paper on its fintech's approach (EBA/DP/2017/02, available here).
On 31 August 2017, based on the work conducted by its taskforce, the BCBS issued the consultative document entitled 'Sound practices: Implications of fintech developments for banks and bank supervisors' (the "Consultative Document").
The Consultative Document considers 5 forward-looking scenarios (i.e. the "better bank", the "new bank", the "distributed bank", the "relegated bank" and the "disintermediated bank") to assess the impact of the evolution of fintech products and services on the banking industry, with their specific risks and opportunities. Moreover, 3 case studies focus on technology developments (i.e. big data, distributed ledger technology and cloud computing) and 3 on fintech business models (i.e. innovative payment services, lending platforms and neo-banks).
In the Consultative Document, the BCBS highlights the following 10 recommendations:
- Banks should consider a balanced approach to ensure safety and soundness and high compliance standards without inhibiting beneficial innovation;
- Banks should ensure that they have effective governance structures and risk management processes in order to identify, manage and monitor key risks associated with the emergence of fintech, including strategic/profitability risk, operational risk, cyber-risk and compliance risk;
- Banks should ensure that they have effective IT and other risk management processes that address the risks of innovative enabling technologies;
- Banks should ensure that they have appropriate processes/contracts for due diligence, risk management and ongoing monitoring of any operation outsourced to a third party, including fintech firms;
- Bank supervisors should develop cross-sectorial cooperation between supervisors and other relevant authorities;
- Bank supervisors should coordinate supervisory activities for cross-border fintech operations, where appropriate;
- Bank supervisors should continuously re-evaluate necessary skillsets and approaches to effectively supervise new technologies and innovative business models;
- Bank supervisors should consider investigating and exploring the potential of new technologies to improve their methods and process ("suptech opportunities");
- Bank supervisors should review their current regulatory, supervisory, and licensing framework in light of new and evolving risks arising from innovative products and business models;
- Bank supervisors should learn from each other's approaches and practices (e.g. innovation hubs, accelerators, regulatory sandboxes) and consider implementing them to facilitate fintech innovation.
The Consultative Document is available here.
Comments to the Consultative Document shall be submitted to the BCBS by 31 October 2017.
CRS - First automatic Common Reporting Standard exchanges between 49 jurisdiction set to take place this month
On 24 December 2015, a law implementing the Common Reporting Standard ("CRS") in Luxembourg law has been enacted (the "CRS law"). The CRS law transposes into Luxembourg national law the Council Directive 2014/107/UE of 9 December 2014, amending Directive 2011/16/EU regarding the mandatory exchange of information in the field of taxation ("DAC 2"). The DAC 2 provides that EU Member States require their financial institutions to implement reporting and due diligence rules consistent with those set out in the CRS developed by the Organization for Economic Co-operation and Development ("OECD").
Much like FATCA's provisions, the CRS imposes obligations on Financial Institutions to review and collect information on their clients/investors in an effort to identify their tax residence and to provide certain specified account information to the relevant foreign tax authorities on an annual basis.
As of today, 102 jurisdictions have publicly committed to implement the CRS, with 49 being committed to start exchanges in September 2017 and a further 53 taking up exchanges in September 2018.
On 14 September 2017, the OECD announces that another series of bilateral exchange relationships was established under the CRS Multilateral Competent Authority Agreement ("CRS MCAA"). Now, there is a total of over 200 bilateral relationships for the automatic exchange of CRS information in place around the world. The CRS MCAA defines the scope, timing, format and conditions for the exchange of CRS information and is based on the multilateral Convention on Mutual Administrative Assistance in Tax Matters. At present, 95 jurisdictions have signed the CRS MCAA.
With first exchanges for the 49 jurisdictions that committed to a 2017 timeline now being only weeks away, all these jurisdictions have now activated their exchange relationships under the CRS MCAA. In addition, 20 of the 53 jurisdictions committed to first exchanges in 2018 have already put the international legal requirements in place to commence exchanges under the CRS MCAA next year.
Today's wave of activations of bilateral exchange relationships is a key milestone for the successful and timely implementation of the CRS in the 49 jurisdictions committed to first exchanges in September 2017 and marks the delivery on their political commitment to fight tax evasion.
The link is available here.
A further activation round for jurisdictions committed to a 2018 timeline is scheduled to take place in November 2017 which will allow the remaining jurisdictions to nominate the partners with which they will undertake automatic exchanges of CRS information.