May, 2024
Dear LinkedIn community!
Welcome the approaching days of May, we're entering a period that promises both the warmth of summer and a gradual slowdown in regulatory oversight. This past month, the halving of Bitcoin underscored a significant milestone, demonstrating a resilient stance against diminishing volatility. It's evident that this shift holds immense implications, particularly for banks, as they diligently prepare their offerings to embrace the world of cryptocurrency. We've foresee exciting collaborations between traditional financial institutions and prominent crypto firms, indicating a growing convergence between traditional finance and the digital asset space. Our team closely follows the ongoing developments within national regulatory frameworks, monitoring the adoption of MiCA and the forthcoming AMLD6 provisions as they transition into domestic regulations.
Stay informed and join us on this journey!
???? President Biden signs bill extending a key U.S. surveillance program after divisions nearly forced it to lapse
U.S. spy agencies regard the Foreign Intelligence Surveillance Act as one of their most valuable intelligence-collection tools. First passed in 2008 and reauthorized several times since, the law enables U.S. spy agencies to collect without a warrant from U.S. tech companies the communications of non-Americans located overseas for foreign intelligence purposes.
Critics say this act intrudes on privacy. The Foreign Intelligence Surveillance Court (FISC), which provides judicial oversight of the act, found in 2022 that the FBI had misused the authority more than 278,000 times between 2020 and early 2021. The FBI, the court noted, conducted queries “without a specific factual basis to believe” they were likely to yield “foreign intelligence information or evidence of a crime.”
Despite criticism, on Saturday President Joe Biden signed legislation reauthorizing key U.S. surveillance law.
?? “Consent or Pay” models deployed by large online platforms should offer real choice
During its latest plenary, the European Data Protection Board (?EDPB“) adopted an Opinion addressing the validity of consent to process personal data for the purposes of behavioral advertising in the context of ?consent or pay“ models deployed by large online platforms.
EDPB considered that, in most cases, it will not be possible for online platforms to comply with the requirements for valid consent, if they confront users only with a choice between consenting to processing of personal data for behavioral advertising purposes and paying a fee. Offering only a paid alternative to services which involve the processing of personal data for behavioral advertising purposes should not be the default way forward for companies. When developing alternatives, large online platforms should consider providing individuals with an ?equivalent alternative“ that does not entail the payment of a fee. If companies do opt to charge a fee for access to the ?equivalent alternative“, they should give significant consideration to offering an additional alternative. This free alternative should be without behavioral advertising, e.g. with a form of advertising involving the processing of less or no personal data. This is a particularly important factor in the assessment of valid consent under the GDPR.
?? Ensuring Compliance: EU's Cross-Border Payments Reporting Obligation for Q1 2024
CESOP, the European Union's Cross-Border Payments Reporting Obligation, has reached its Q1 reporting deadline. All licensed EU Payment Service Providers (PSPs), including credit institutions, Electronic Money Institutions (EMIs), and Payment Institutions (PIs), were required to submit their inaugural CESOP reports for the first quarter of 2024. These reports detail cross-border payment activities and are to be sent to various competent authorities throughout the EU or directly to local authorities.
The process of submitting payment information to local competent authorities varies, necessitating PSPs to allocate sufficient time to register with the relevant bodies. Failure to comply with these reporting regulations carries the risk of regulatory sanctions, underlining the importance of timely and accurate submission.
?? ESAs consult on technical standards for joint examination teams under Digital Operational Resilience Act (DORA)
European Supervisory Authorities (EBA, EIOPA, and ESMA) initiated a public consultation on the draft Regulatory Technical Standards (RTS) for overseeing joint examination teams under the Digital Operational Resilience Act (DORA). The primary objective of these draft RTS is to establish criteria for team composition, ensuring balanced participation from the ESAs and relevant competent authorities, along with designating members, defining tasks, and establishing working arrangements.
These draft RTS are designed to optimize the efficiency and effectiveness of joint examination teams, crucial for the daily oversight of critical ICT third-party service providers (CTPPs). They take into consideration the technical complexity of oversight activities and the limited availability of required expertise. The implementation of the Digital Operational Resilience Act (DORA) and its related RTS is set to commence on January 17, 2025.
领英推荐
?? EU Parliament has adopted a new Anti-Money Laundering laws package
The European Parliament has recently approved a comprehensive set of regulations aimed at bolstering the EU's arsenal against money laundering and terrorist financing, the so called “AML package”. The new laws ensure broader access to beneficial ownership information, granting various stakeholders such as journalists, civil society organizations, and supervisory bodies direct and free access to national registries interconnected at the EU level. Additionally, Financial Intelligence Units (FIUs) will be empowered with enhanced capabilities to analyze and identify suspicious financial activities, including the authority to suspend dubious transactions. These measures are complemented by strengthened due diligence requirements, extending to entities such as banks, asset managers, and even professional football clubs involved in high-value financial transactions, which will be subject to rigorous customer identity verification and transaction monitoring starting from 2029. Most importantly, new set of laws will establish clarity and unity in adoption of AML rules across the continent, further ironing out inconsistencies present in national regimes.
Furthermore, the regulations introduce a stringent EU-wide limit on cash payments, set at EUR 10,000, and establish the Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA) in Frankfurt. AMLA will serve as a central watchdog, directly supervising high-risk financial entities, mediating disputes among supervisory bodies, and overseeing the implementation of targeted financial sanctions. This Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) package represents a significant stride toward fortifying the EU's anti-money laundering framework, addressing the demands outlined in the Conference on the Future of Europe and underscoring the EU's commitment to combating financial crime.
For this package to come into force, EU Council will have to adopt it and publish it in the EU Official Journal.
?? Austria takes next step in preparation for MiCA
The Austrian Financial Market Authority (FMA) has released additional requirements pertaining to the Markets in Crypto-Assets Regulation (MiCA) application process. These newly published guidelines serve to further detail the steps and criteria involved in seeking approval to be authorised as CASP in Austria The document outlines various aspects of the application procedure, including the necessary documentation and information that prospective CASPs must provide to demonstrate compliance with MiCA regulations. Additionally, the publication offers insights into the FMA's evaluation process, emphasizing the importance of fulfilling all regulatory requirements to obtain authorization.
Furthermore, the FMA's publication sheds light on key considerations for CASPs regarding organizational structures, risk management practices, and compliance frameworks. It highlights the importance of robust internal controls and procedures to ensure the integrity and security of crypto-asset services. The document aims to provide clarity and guidance to CASP applicants, facilitating a smoother application process and fostering compliance with MiCA regulations. Overall, the release of these additional requirements by the Austrian FMA highlights the regulator's commitment to promoting transparency and regulatory compliance within the crypto-asset industry.
?? EU adopts first position on PSD3 and PSR
The European Parliament, in a press release issued on April 22, 2024, announced the adoption of its initial stance on the draft Directive on payment services and electronic money services in the internal market (PSD3) and the draft Payment Services Regulation (PSR). MEPs endorsed proposals aimed at fostering an open and competitive payment service environment in the EU while bolstering customer protection against fraud and data breaches. Notable changes proposed by the European Parliament include amendments to the PSR, approved with 511 votes to 22 (with 75 abstentions), and the Directive, passed with 484 votes to 8 (with 118 abstentions).
Key provisions highlighted in the press release include the requirement for payment service providers (PSPs) to verify unique identifiers free of charge to safeguard transfers and ensure robust customer authentication. PSPs failing to implement adequate fraud prevention mechanisms would be liable for compensating customers for losses resulting from fraud. Additionally, customers are granted control over the processing of their personal data and the ability to opt out of data sharing or revoke access to their information. Moreover, the rules mandate clear and transparent disclosure of all charges, including currency conversion fees and fixed charges for cash withdrawals, prior to payment transactions. MEPs also emphasized the importance of ensuring better access to cash, particularly in remote or rural areas, proposing exemptions for retail shops providing independent cash services (up to €100) and lighter standards for certain ATMs. Furthermore, the regulations aim to facilitate entry for new players into the EU payment services sector, particularly in internet payments, subject to authorization, with provisions addressing liability, security, and data protection concerns while maintaining technology neutrality.
Looking ahead, the European Parliament's first reading on these draft legislations has concluded, with further work to be undertaken by the new European Parliament following the European elections in June. The adoption of these laws reflects the European Parliament's response to the conclusions drawn from the Conference on the Future of Europe, particularly focusing on proposals regarding the interconnection of payment systems, telecommunications, and digital innovation.
?? ESMA letter on DLT (blockchain) pilot regime
On April 3, 2024, Verena Ross, Chair of the European Securities and Markets Authority (ESMA), penned a letter addressing Mairead McGuinness, Irene Tinagli, and Vincent van Peteghem concerning the implementation of distributed ledger technology (DLT) by financial market infrastructures within the framework of the DLT Pilot Regime. Despite the absence of authorized DLT market infrastructures at present, the communication serves as an update on the status of submitted applications and underscores the challenges highlighted by Member State competent authorities (NCAs). As of the specified date, four official applications have been lodged and are currently undergoing assessment by NCAs, with expectations of around eight additional applications throughout the year. The letter indicates that NCAs have identified various challenges, attributing the slow adoption rate in part to the regime's novelty. Moreover, the annex of the letter delineates additional hurdles for consideration by the relevant Commission services, suggesting areas where clarification could bolster the uptake of the regime. These include aspects related to innovative cash settlement solutions, the utilization of self-hosted wallets, the parameters governing DLT financial instruments, and the duration of the DLT Pilot Regime.
The correspondence highlights the ongoing efforts to navigate the complexities surrounding the integration of DLT into financial market infrastructures, with a focus on addressing the challenges encountered by NCAs. While the DLT Pilot Regime represents a promising avenue for fostering innovation within the financial sector, the letter highlights the need for regulatory clarity and guidance to facilitate a smoother transition. By engaging in dialogue and soliciting feedback from relevant stakeholders, including NCAs and the Commission, ESMA endeavors to refine the regulatory framework and pave the way for the wider adoption of DLT technologies.