Insights

Objectivus_Favicon

Regulatory Update September 2023

In this issue we cover:

  • Data scraping and data protection
  • Financial promotions gateway goes live
  • FCA PEP Talk
  • Financial Services and Markets Act 2023
  • Incoming crypto marketing rules
  • Risk Registers: Making valuable decisions

Data scraping and data protection

Twelve data protection and privacy organisations, including the UK’s Information Commissioner’s Office, has jointly issued a declaration advocating for the safeguarding of individuals’ personal data against unauthorised extraction on social media platforms. This declaration offers guidelines for social media entities, outlining expected measures against unlawful data harvesting and striving for uniformity in data protection standards for online posts across different regions.

Data scraping is a technique that employs automation to pull vast quantities of data from online platforms. Social media firms and website operators that display publicly available personal details are mandated by privacy and data protection laws to shield such information from unauthorised extraction. Social media platforms are encouraged to share feedback and showcase the steps they’ve taken to shield users from unauthorised data extraction.

Financial promotions gateway goes live

The financial promotions gateway law has been enacted in the UK and is summarised in PS23/13, restricting authorised entities from approving financial promotions by unregulated third parties without FCA permission, unless specific exemptions apply. The Financial Services and Markets Act 2023 introduced these regulations, offering exemptions like the authorised entity drafting and approving the content. From 6 November 2023, entities not under exemptions must apply to the FCA before approving third-party promotions. This initiative, intended to enhance promotion quality and increase FCA oversight, requires firms to decide whether to join the gateway or rely on exemptions and adjust to the new requirements by the set deadline.

FCA PEP Talk

The Financial Conduct Authority (FCA) is reviewing the handling of UK-domestic Politically Exposed Persons (PEPs) by regulated firms, prompted by the Nigel Farage/Coutts issue. The focus is on ensuring that firms are aligning with anti-money laundering guidelines and treating domestic PEPs as “lower risk.” Concerns have arisen over potential over-analysis and its impact on the UK financial sector’s reputation. Feedback from PEPs and their associates will inform the review. Findings will be published by 29 June 2024, which may lead to revised guidelines.

Financial Services and Markets Act 2023

The Financial Services and Markets Act 2023, unveiled on 7 July 2023, is a landmark post-Brexit legislation tailored for the UK. It introduces a specific financial activities regime, revises UK MiFID, establishes a gateway for endorsing non-authorised firm promotions, sets up a system for key third parties, and brings stablecoins and other crypto-assets under UK regulation. While parts of the Act were enacted in June and July 2023, the rest will be rolled out from August 2023 onwards into 2024.

Incoming crypto marketing rules

The FCA may grant cryptoasset firms an extension until 8 January 2024 for implementing specific changes like a 24-hour cooling-off period, based on industry readiness. While core regulations will be effective from 8 October 2023, firms seeking added time must apply for it. This approach mirrors last year’s strategy when the FCA set rules for other high-risk investments. From October, crypto marketing must be transparent and carry evident risk warnings, applicable globally. Lucy Castledine, the Director of Consumer Investments, emphasised the importance of clear marketing and risk disclosure. She expressed concern about non-compliant overseas crypto firms and warned of penalties for rule breaches post-October. The FCA has also provided examples of proper marketing practice and continues to emphasise the risks associated with crypto investments.

Risk Registers: Making valuable decisions

Corporate leadership requires effective decision-making, and a risk register is essential for this. It provides a comprehensive view of potential risks, their impacts, and strategies for managing them. Risks can range from pandemic threats to financial concerns, based on the ISO’s definition of uncertainties affecting goals.
Benefits of a risk register include:

  1. early risk identification and strategy formation;
  2. guided decision-making;
  3. strategic resource allocation;
  4. enhanced communication and collaboration; and
  5. support in long-term planning.

Risk registers can be utilised to effectively:

  1. engage various stakeholders;
  2. standardise risk assessments;
  3. regularly update;
  4. outline clear mitigation plans; and
  5. incorporate into decision-making.