InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FSB report outlines eight recommendations for bank liquidity preparedness
On April 17, the Financial Stability Board (FSB) released a consultation report titled “Liquidity Preparedness for Margin and Collateral Calls,” which laid out eight policy recommendations intended to enhance the liquidity preparedness of nonbank market participants in certain markets. These policy recommendations came from several reviews by the Basel Committee on Banking Supervision, the Committee on Payments and Market Infrastructures, and the International Organization of Securities Commissions analyzing recent incidents of liquidity stress. The eight recommendations comprised liquidity risk management, liquidity stress testing, and collateral management practices.
The first three recommendations focused on liquidity risk management practices. The first recommendation would amend liquidity risk management and governance frameworks to protect against spikes in margin and collateral calls in liquidity risk management; the second recommendation would ensure liquidity needs by establishing liquidity risk appetites and a contingency funding plan; and the third recommendation outlined the need for regular reviews of liquidity risk frameworks.
The next two recommendations were on liquidity stress testing and scenario design. The fourth recommendation set out the need for conducting liquidity stress tests with respect to margin and collateral calls to identify the sources of liquidity strains. The fifth called for stress tests to cover a range of “extreme but plausible” scenarios.
The last three recommendations focused on collateral management practices. The sixth recommendation called for resilient and effective operational processes and collateral management practices; the seventh set out the need for sufficient cash and readily available diverse liquid assets and collateral arrangements; and the eighth called for active, transparent and regular interactions with counterparties and third-party service providers. The FSB will welcome comments on this report submitted before June 18.
CFPB and European Commission convene for future oversight of consumer finance products
On April 11, the CFPB Director, Rohit Chopra, and the Commissioner for Justice and Consumer Protection of the European Commission, Didier Reynders, issued a joint statement announcing their intent to begin an informal dialogue between the CFPB and the European Commission on consumer financial protection issues. The agencies have already convened three staff-level meetings on the following topics: (1) BNPL and over-indebtedness, where the U.S. shared the FCRA framework and the European Commission discussed the differences in the BNPL industry’s evolution in their respective jurisdictions; (2) digital payment access and fraud, where they discussed fraud, the issue of nonbanks in payments, Big Tech’s involvement in consumer finance, and digital access for the unbanked; and (3) artificial intelligence, where the European Commission shared four pieces of legislation or regulations and two recent court judgments. The joint statement iterated their inputs: “Our staff have shared expertise, best practices, and lessons learned on an important set of issues. Jointly analyzing the expansion of Big Tech’s financial services offerings, and the attendant risks to consumer privacy and competition, has been highly productive.”
UK financial regulators issue new authority on securities sandbox
On April 3, the U.K.’s Financial Conduct Authority and the Bank of England released a consultation paper seeking comments on their proposal to implement the Digital Securities Sandbox (DSS), a new regime for financial firms to work on a testing ground for new technologies regarding digital assets. The goal of this testing ground would allow these firms to better issue, trade, and settle digital securities. The U.K. regulators believed that using securities on distributed ledgers (i.e., digital securities) has the potential to consolidate trade functions and reduce settlement times, reducing risk and streamlining processes. The DSS would oversee developing financial technologies, such as distributed ledger technology (DLT), during security trading. The three aims of the DSS would include promoting a safe and efficient financial system by removing potential barriers, protecting financial stability using DLT, and promoting market integrity. The securities regulated by the DSS include equities, bonds, money market instruments, and emissions allowances; however, unbacked cryptocurrencies (e.g., bitcoin) would remain outside the scope. The first sandbox entrants are expected after fall 2024.
FCC partners with two U.K. regulators in combating privacy issues and protecting consumer data
Recently, the FCC announced (here and here) that it has partnered with two U.K. communications regulatory agencies to address issues regarding privacy and data protection in telecommunications. The FCC announced two separate statements because the two U.K. regulators perform different duties: the first announcement is with the U.K. Information Commissioner’s Office (ICO), which regulates data protection and information rights; the second is with the U.K.’s Office of Communications (OFCOM) which regulates telecommunications. Both announcements highlighted a strengthening of resources and networks to protect consumers on an international scale, given the large amounts of data shared via international telecom carriers.
The FCC’s announcement with ICO explained that the partnership would be focused on combatting robocall and robotext efforts, as well as finding means to better protect consumer privacy and data concerns. In the FCC’s announcement with the OFCOM, the U.S. regulator announced a new collaboration to combat illegal robocalls and robotexts given the two countries’ shared interest in investigating networking abuses. The FCC elaborated on its desire to bolster requirements for gateway providers: this is the “on-ramp” for international internet traffic into U.S. networks.
Financial Stability Board’s letter addresses financial topics for upcoming G20 meeting
On February 20, the Financial Stability Board (FSB) released a letter from its Chair, Klaas Knot, to the G20 Finance Ministers and Central Bank Governors ahead of the February 28-29 G20 meeting, setting up the agenda for maintaining global financial stability. The FSB is an organization made up of senior financial officials from G20 countries as well as international financial organizations including the International Monetary Fund, the World Bank, and the European Central Bank. The letter addressed financial system vulnerabilities, including the takeaways from the March 2023 banking crisis, nonbank financial intermediation (NBFI), digitalization of finance, climate change effects, and cross-border payment efficiency.
On the first topic, the letter highlighted lessons wrought by the March 2023 banking crisis; the FSB advocated the need for public-sector backstop funding mechanisms, and more analytical work on interest rate and liquidity risk to explore vulnerabilities. On NBFI, the letter noted a structural vulnerability in asset management as the “potential mismatch between the liquidity of fund investments and daily redemption of fund units in open-ended funds[.]” On digital innovation, the letter urges the G20 to closely monitor any risks to financial stability, including crypto, tokens, and artificial intelligence. On climate change, the FSB plans to further analyze climate-related financial risks to financial stability. Last, on cross-border payments, the G20 Cross-border Payments Roadmap goal is to make cross-border payments “faster, cheaper, and more transparent and inclusive” while keeping their integrity and maintaining the “safety of the system.” The letter noted that FSB has collaborated with AML experts in both the public and private sectors to “increase the efficiency of payments systems and further enhance their integrity and safety.”
UK’s Prudential Regulation Authority imposes its second highest fine against a bank
On January 30, UK’s Prudential Regulation Authority (PRA) fined a large bank £57,417,500, the second highest fine ever imposed by the PRA, for allegedly failing to properly implement Depositor Protection Rule requirements. The bank allegedly exhibited shortcomings in depositor protection like maintaining information integrity, which is relied upon by the Financial Services Compensation Scheme (FSCS) to make payments to depositors in the event of a firm failure. In addition, the PRA alleged that the bank did not identify eligible deposits for FSCS protection from 2015 to 2022. The bank also allegedly failed to notify the PRA of inaccuracies in its account of eligible FSCS-protected accounts in a timely manner or to appoint a senior manager responsible for ensuring compliance with Depositor Protection Rules. The bank agreed to settle this matter at an early stage of the PRA’s investigation.
Large bank agrees to proposed settlement agreement; to be decided in February
On November 27, 2023, a large Canadian bank agreed to pay $15.9 million to accountholders in a proposed settlement agreement stemming from a class action suit in which the bank allegedly charged improper non-sufficient fund (NSF) fees. NSF fees are charges by a financial institution when they decline to make a payment from an accountholder’s account after determining the account lacks sufficient funds. Plaintiffs alleged that from February 2, 2019, to November 27, 2023, the bank charged accountholders multiple NSF fees on a single attempted transaction. In the agreement, the bank continues to deny liability. While an agreement has been reached between the two parties, the agreement has yet to be approved by the courts. A hearing has been scheduled for February 13, 2024, in the Ontario Superior Court of Justice to approve the settlement and award the payouts. Accountholders will receive their payouts, “estimated to be in the range of approximately $88 CAD,” deposited directly to their account with the bank. Under the proposed settlement agreement, the representative plaintiff will receive an honorarium of $10,000. As previously covered by InfoBytes, the FDIC warned that supervised financial institutions that charge multiple NSF fees on re-presented unpaid transactions may face increased regulatory scrutiny and litigation risk.
INTERPOL seizes $300 million in international financial crime operation
On December 19, INTERPOL announced the conclusion of a transcontinental police operation against online financial crime called HAECHI IV. The operation ended with around 3,500 arrests and seizures of $300 million USD worth of assets across 34 countries. Of the $300 million, about two-thirds of was hard currency and one-third was virtual assets. HAECHI IV targeted seven types of cyber scams, including voice phishing, romance scams, online sextortion, investment fraud, and money laundering associated with illegal online gambling, among others. Through INTERPOL’s stop-payment mechanism to block criminal proceeds, authorities blocked 82,112 “suspicious” bank accounts. Next on INTERPOL’s radar is a new scam in Korea that involves the sale of non-fungible tokens (NFTs) that are a “rug pull,” a crypto scam where developers abandon a project and investors lose their money. Interestingly, the UK team of the operation reported on how scammers used artificial intelligence to create synthetic content, which criminals primarily used for impersonation scams.
IOSCO publishes nine recommendations on decentralized finance
On December 19, 2023, the International Organization of Securities Commissions (IOSCO) published a report on decentralized finance to address market integrity and investor protection. The report includes nine policy recommendations for decentralized financial regulators to follow. Decentralized finance structures include financial products and arrangements that use a distributed ledger or blockchain technology. IOSCO’s policy recommendations on decentralized finance complement a similar report on crypto and digital asset markets, as written about on InfoBytes, here. The policy recommendations are as follows: (i) regulators should analyze decentralized finance products, services, and activities in its jurisdiction; (ii) regulators should identify the persons or entities that could be subject to its regulatory framework; (iii) regulators should use frameworks to regulate and address risks arising from decentralized finance consistent with IOSCO standards; (iv) regulators should require responsible persons to address conflicts of interest; (v) regulators should require responsible persons to address material risks, including operational and technological ones; (vi) regulators should require responsible persons to disclose information clearly to users and investors; (vii) regulators should apply comprehensive powers to decentralized financial services to detect and enforce violations under law; (viii) regulators should cooperate and share information with other regulators and authorities; and (ix) regulators should seek to understand how decentralized finance products are linked to the crypto-asset market as well as traditional finance markets. The final section of the report summarized the feedback garnered from 45 stakeholders on eight categories.
EU Commission, Council, and Parliament agree on details of AI Act
On December 9, the EU Commission announced a political agreement between the European Parliament and the European Council regarding the proposed Artificial Intelligence Act (AI Act). The agreement is provisional and is subject to finalizing the text and formal approval by lawmakers in the European Parliament and the Council. The AI Act will regulate the development and use of AI systems, as well as impose fines on any non-compliant use. The object of the law is to ensure that AI technology is safe and that its use respects fundamental democratic rights while balancing the need to allow businesses to grow and thrive. The AI Act will also create a new European AI Office to ensure coordination, transparency, and to “supervise the implementation and enforcement of the new rules.” According to this EU Parliament press release, powerful foundation models that pose systemic risks will be subject to specific rules in the final version of the AI Act based on a tiered classification.
Except with foundation models, the EU AI Act adopts a risk-based approach to the regulation of AI systems, classifying these into different risk categories: minimal risk, high-risk, and unacceptable risk. Most AI systems would be deemed as minimal risk since they pose little to no risk to citizens’ safety. High-risk AI systems would be subject to the heaviest obligations, including certifications on the adoption of risk-mitigation systems, data governance, logging of activity, documentation obligations, transparency requirements, human oversight, and cybersecurity standards. Examples of high-risk AI systems include utility infrastructures, medical devices, institutional admissions, law enforcement, biometric identification and categorization, and emotion recognition systems. AI systems deemed “unacceptable” are those that “present a clear threat to the fundamental rights of people” such as systems that manipulate human behaviors, like “deep fakes,” and any type of social scoring done by governments or companies. While some biometric identification is allowed, “unacceptable” uses include emotional recognition systems at work or by law enforcement agencies (with narrow exceptions).
Sanctions for breach of the law will range from a low of €7.5 million or 1.5 percent of a company’s global total revenue to as high as €35 million or 7 percent of revenue. Once adopted, the law will be effective from early 2026 or later. Compliance will be challenging (the law targets AI systems made available in the EU), and companies should identify whether their use and/or development of such systems will be impacted.