The latest regulatory update – March 2021

Home / FINANCIAL CRIME / The latest regulatory update – March 2021

Regulatory Update March 2021

In this issue we cover:

  • Contactless payments limit to be raised to £100
  • EU/UK Memorandum of Understanding regarding financial services
  • FCA publishes the number of STORs received in 2020
  • FCA product governance review
  • Transfer of personal data to SEC
  • LIBOR: FCA’s cessation announcement
  • FCA enforcement decision on wash trades
  • FCA Quarterly Consultation
  • Data protection implications of gathering Covid-19 data from employees
  • Supervisory flexibility on RTS 27 reports and 10% depreciation notifications
  • FCA locking down on market abuse

You can find these articles and a searchable archive of all our previous articles here.

Contactless payments limit to be raised to £100

 On 3 March 2021, the Financial Conduct Authority (FCA) published Policy Statement 21/2 on amendments to the single and cumulative transaction limits for contactless payments (PS 21/2).

The single transaction limit for contactless card payments will be increasing from £45 to £100 and the cumulative transaction limit before reauthentication is increasing from £130 to £300.

According to UK Finance, the total value of contactless transactions was 43.7% higher in November 2020 than in the previous year.

Contactless payments remain relatively safe as compared with other payment methods. According to the FCA in PS 21/2, there was “no significant increase in contactless related fraud since industry increased the limit in April 2020. The total value of reported fraud falling within the new increased limit (between £30 to £45) equated to 0.02% of the total amount spent using contactless cards since April 2020”.


Early draft of the EU/UK Memorandum of Understanding regarding financial services

On 26 February 2021, an early draft of the Memorandum of Understanding (MoU), which is intended to set out the cooperation agreement in financial services between the UK and the EU, was leaked. This document was seen and reported on by Reuters. Reuters stated that the draft MoU puts London’s financial services industry in a worse position than New York. Industry officials have argued that it has less substance than the deal which the EU agreed with the US in 2016, with one financial sector source stating that it does not reflect the current depth of relationship with bilateral MoUs already signed between individual regulators in the UK and the EU.

According to the Reuters article, sources close to the Government’s negotiation position have stated that the UK’s focus is on ensuring that the MoU provides “transparency and appropriate dialogue when it comes to adopting, suspending and withdrawing equivalence decisions“. As indicated by the February 2021 speech delivered by the Governor of the BoE Andrew Bailey, the UK has called for EU equivalence to be “outcomes-based”, like the EU/US deal, which would mean for equivalence decisions to focus not on the amount of divergence there is between the UK/EU rules but rather on whether the rules would produce the same result, even if they were technically different.


FCA publishes the number of STORs received in 2020

On 2 March 2021, the FCA published the number of suspicious transaction and order reports (STORs) it had received in 2020. The data from the FCA shows that there was a fall in the number of STORs received coinciding with the market volatility and changes to work practices during the beginning of the COVID-19 pandemic. The FCA received a total of 4,239 STORS, which includes 3553 STORs on insider dealing and 680 STORs on market manipulation.


FCA product governance review

On 26 February, the FCA published its findings from a review into product governance, which assessed how a sample of eight asset management firms observe MiFID II’s product governance regime when manufacturing and providing products.

The review covered the following areas:

  • product design: especially regarding conflicts of interest;
  • product testing: stress testing plus disclosure of costs by firms;
  • distributors: due diligence, the information sought from distributors and their use of MI; and
  • governance and oversight: second line of defence and product governance committees, the obligations of the authorised fund manager board, record keeping and training on product governance.

The review calls for significant improvements in product governance arrangements and in light of its findings, the FCA confirmed that it is likely to carry out further work on this subject.


ICO confirms financial services organisations in the UK can rely on public interest derogation under UK GDPR to transfer personal data to the SEC

The Information Commissioner’s Office (ICO) published a letter it wrote to the US Securities and Exchange Commission (SEC) on 11 September 2020, setting out its view on how the restrictions on international transfers of data under Chapter V of the EU General Data Protection Regulation (GDPR) apply to UK-based companies that are subject to US regulatory obligations.

The ICO confirms that SEC regulated UK organisations can transfer personal information to the SEC on the basis of the public interest derogation set out in Article 49(1)(d) of the GDPR. This is provided that the transfer is strictly necessary and proportionate for complying with an SEC regulation and that the derogation is applied on a case-by-case basis. SEC regulated UK firms should also comply with their other GDPR obligations, as well as their transparency obligations to customers.

The ICO also states that UK firms and the SEC should work together to put in place an Article 46 transfer tool as a long term solution.


LIBOR: FCA’s cessation announcement

The FCA has confirmed that at the end of 2021 most LIBOR settings will be removed and at the end of June 2023 major USD tenors will end.

The regulator has also outlined the potential scope for synthetic LIBOR, subject to powers granted in the Financial Services Bill, currently progressing through Parliament. As the announcement constitutes an ISDA Index Cessation Event, the fixing of Bloomberg Index Services’ credit spread adjustments for all 35 settings was triggered on 5 March 2021.

In this context market participants are advised to review portfolios and focus on active transition.


FCA enforcement decision on wash trades

On 3 March, the FCA announced a fine and ban for a market making trader who carried out ‘wash trades’.

It is a reminder to firms and their compliance departments that they need to remain constantly vigilant and consistently encourage and reinforce correct behaviour amongst staff.

The trader in this case:

  • had over 30 years’ experience,
  • signed an annual desk mandate which prohibited wash trades specifically (the most recent annual signing being 7 days before the first wash trade),
  • did not appear to make any personal financial gain nor any financial gain for his employer, and
  • as shown by the FCA’s ban, was clearly risking his career and livelihood.

Stifel (the trader’s firm) acted as corporate broker and financial adviser to McKay (a company listed on the LSE which was part of the FTSE All Share Index). The nature of this agreement required Stifel to perform various tasks such as market-making in McKay shares and providing share price and market information.

The FCA deduced that the motive for executing the wash trades was to ensure that at least 13,000 McKay shares were traded each day which the trader believed, from conversations with colleagues, was a liquidity requirement to remain in the FTSE All Share Index. The trader assumed that McKay wanted to remain in that higher index for status and rating purposes.

‘Wash trading’ involves trading where there is no change in ownership or risk and can create a false or misleading impression to other market participants as to the price, demand or supply of a security. It is prohibited by the market abuse rules and the FCA’s view is that the trader knew this. Additionally, there was evidence of attempts to conceal the nature of the trading by using third party order routing.

The trader thought that by assisting McKay to remain in the FTSE All Share Index, this would benefit the relationship between Stifel and McKay. The FCA stated in its Final Notice that the trader was not asked to execute a certain volume of shares a day and Stifel has also confirmed that no action has been taken against the firm by the FCA. It is believed the motivation was that the trader considered that it would reflect badly on him within Stifel if McKay did not achieve sufficiently high trading volumes.

It all came to light when Stifel identified a wash trade, and reported the incident to the FCA. It appears the trading volumes were checked by the trader every day to determine if a wash trade was needed to hit the target volume. On some days, the wash trades made up more than 30 per cent of the total reported volume of trading in McKay shares that day.

Compliance monitoring is essential as is ongoing training and the enforcement of correct behaviour so that the right choices are made when faced with conflicting pressures


FCA Quarterly Consultation No. 31 – FCA Consultation Paper CP21/5 – 5 March 2021

The consultation covers amendments to the Compensation sourcebook (COMP) rules which are set out in the draft Financial Services Compensation Scheme (FSCS) (Miscellaneous Amendments) Instrument 2021 at Appendix 2 of the Consultation Paper.

The proposed changes to COMP are intended to ensure that, among other things:

  • the rules are easy for users to navigate;
  • the rules in relation to debt management business are clear;
  • the FSCS can consider the defence of limitation consistently, and disregard it when reasonable to do so, in relation to claims made in connection with protected debt management business;
  • the FSCS can consider claims consistently and avoid the risk that it is unable to consider an individual’s claim because the firm they dealt with is now dissolved; and
  • the FSCS can postpone payment of compensation in certain circumstances.

The changes also reflect changes to the rules following the addition of new categories of protected claim to the scope of the FSCS, and changes to the Training and Competence sourcebook (TC) which are set out in the draft Training and Competence Sourcebook (Amendment No.9) Instrument 2021 at Appendix 3 of the Consultation Paper. These proposed changes to the TC extend the scope of the notification requirements, update the appropriate qualifications table, as well as amending the relevant rules and guidance. They also include a new rule (TC 2.1.31BR), which will require firms to notify the relevant accredited bodies when notifying the FCA of certain significant events concerning the failure to comply with Statements of Principle and Code of Practice for Approved Persons (APER) or Code of Conduct (COCON) by firms’ retail investment advisers.

The consultation closes on 30 April 2021 for COMP and 2 April 2021 for TC.


Whistleblowing in the US

On March 9, the SEC announced a $1.5 million whistleblower award in connection with a successful enforcement action. According to the redacted order, the whistleblower provided information that led to the opening of the investigation, and assisted enforcement staff by providing multiple written submissions and identifying potential witnesses.

Earlier, on March 4, the SEC announced a more than $5 million joint award to two whistleblowers who alerted enforcement staff to misconduct occurring abroad that would otherwise “have been difficult to detect.” According to the redacted order, the whistleblowers voluntarily submitted a joint tip that led to the opening of the investigation, and continued to assist enforcement staff by providing information that directly supported certain allegations in the enforcement action. However, in the same order, the SEC affirmed denial of two other claimants’ award claims after determining that the individuals did not submit information leading to the successful enforcement of the covered action. The SEC noted, among other things, that these claimants’ tips did not cause the opening of the investigation and that the information provided related to conduct by “entirely different companies” and was not used in the covered action.

The SEC has now paid approximately $759 million to 143 individuals since the inception of the whistleblower program in 2012.


Data protection implications of gathering Covid-19 data from employees

The Information Commissioner’s Office (ICO) has issued guidance around Covid-19 data.

Health information is a special category of personal data in terms of data protection law and there is a narrower range of conditions that are available to employers to justify the processing.

The ICO advises that either of the following conditions could potentially be relied on to process vaccination data:

  • ‘Performance of rights and obligations in connection with employment’ (e.g. processing to ensure a safe working environment); or
  • ‘Health purposes’ (e.g. it’s necessary to assess the working capacity of the employee). Note that, if relying on this health condition, the guidance states that employers must ensure that a health professional carries out the processing, or that they advise employees that their vaccination status will be treated as confidential and will only be disclosed in defined circumstances.

In practical terms the reasons for recording employees’ vaccination status must be clear and compelling.

Where the use of vaccination data is likely to result in a high risk to individuals, such as denying them employment opportunities, the ICO advises that employers should complete a data protection impact assessment (DPIA). In practice, and as with any new processing activity, this will require a preliminary assessment of the risks, before deciding whether a full DPIA is required.

The ICO makes it clear that an employer must be transparent if it decides to record vaccination data.

Workers’ personal data should not be kept for longer than is necessary. The difficulty with assessing this obligation in relation to Covid-19 vaccination data is that because it’s still a developing area, the reasons for storing the data just now for a specified period may not subsequently be justifiable.

The ICO’s advice is that employers should regularly review whether they still have grounds for the collection and retention of vaccination data, particularly as the vaccination roll-out progresses.

The ICO guidance states that employers should respect the duty of confidentiality owed to employees and should not routinely disclose vaccine status among colleagues unless there is a legitimate and compelling reason to do so.

In addition to the data protection issues outlined above, it is necessary to consider employment law and health and safety obligations, including current public health and government guidance on the vaccine. It is important to bear in mind that:

  • The collection of vaccination data must not result in any unfair treatment of employees.
  • Whether there is justification for processing vaccination data in a particular situation will depend on various factors including the sector, the type of work carried out, and the degree of health and safety risk.

The implications of the COVID-19 vaccine for employers are still evolving, so taking relevant advice is strongly recommended.


Supervisory flexibility on RTS 27 reports and 10% depreciation notifications

On 19 March 2021, the FCA issued an update regarding the temporary measures it is putting in place for RTS 27 reports and 10% depreciation notifications whilst it consults on changes to these requirements later this year. The temporary measures will be in place until the end of 2021.

In terms of RTS 27 reports the FCA states:

  • The next set of RTS 27 reports on execution quality will be based on pre-Brexit data which means that the information in them is likely to be of limited use for market participants and may even be misleading.
  • The FCA is currently preparing a consultation looking at the RTS 27 reporting obligation, with a view to abolishing it, given concerns that have been expressed around the value of these reports.
  • The FCA will not take action against firms who do not produce RTS 27 reports for the rest of 2021. The FCA expects that by the end of 2021 it will have concluded its policy consideration of the future of these reports.

In terms of 10% depreciation notifications the FCA states:

  • For the last 12 months the FCA has adopted temporary COVID-19 measures on the requirement for firms to issue 10% depreciation notifications to investors (COBS 16A.4.3 UK).
  • The FCA intends to consult on changes to the requirement later this Spring. It is therefore extending the temporary measures for firms until the end of 2021 while it undertakes policy work on the future of the requirement.
  • During this period, the FCA will not take action for breach of COBS 16.A.4.3 UK for services offered to retail investors provided that the firm has:
    • issued at least one notification in the current reporting period, indicating to retail clients that their portfolio or position has decreased in value by at least 10%;
    • informed these clients that they may not receive similar notifications should their portfolio or position values further decrease by 10% in the current reporting period;
    • referred these clients to non-personalised communications, perhaps made available on public channels, that outline general updates on market conditions; and
    • reminded clients how to check their portfolio value, and how to get in touch with the firm
  • Firms must still pay due regard to the interests of their customers and treat them fairly (Principle 6), and pay due regard to the information needs of their clients, and communicate information to them in a way which is clear, fair and not misleading (Principle 7).
  • For services offered to professional investors, the FCA will not take action for breach of COBS 16A.4.3 UK provided that firms have allowed professional clients to opt-in to receiving notifications.


FCA locking down on market abuse

In a speech by Mark Steward, the FCA Director of Enforcement and Market Oversight, recent work by the FCA to tackle market abuse was highlighted.

Despite the Covid-19 pandemic and Brexit, there has been an overall increase of 34% in transactions and transaction reports in 2020. There was a temporary reduction in suspicious transaction and order reports (STORs) during the first lockdown period between March and June of 2020. However, since the first lockdown STORs have returned to pre-pandemic levels across all asset classes. The STORs received by the FCA have been of high quality and are vital sources of information.

The FCA also increased its proactive market monitoring during the year and introduced some new initiatives, including a new approach to short selling reporting that allows short positions to be reported on its Electronic Submission System.

The speech drew attention to the increase of retail trading accounts in the UK during 2020, particularly in the context of Gamestop.

The FCA has also introduced the Potentially Anomalous Trading Ratio (PATR). The PATR focuses on the underlying trading behaviour around specified price sensitive announcements and assesses whether the behaviour can be deemed anomalous.

The speech concluded by highlighting some recent market abuse and insider dealing cases.