APRIL 2021
AMEIS REGFACTS FINTECH - Related Regulatory & Compliance News
In This Issue : CSA & IIROC Joint Publication Regarding Securities Laws Applicable To Crypto Asset Trading Platforms..............................1 AMF's France Summary on Second Series of Cybersecurity System SPOT Inspections................................................................2 FCA Extend Annual Financial Crime Reporting Obligation ............3 EC's Consultation On Instant Payments..........................................4 AMF & ACPR Warns Against Entities Not Authorized to Offer Investments in Forex and Crypto-assets Derivatives.....................5 CFTC Fined Coinbase for 'Reckless' Reporting .............................6
www.ameiscorp.com
CSA & IIROC Joint Publication Regarding Securities Laws Applicable To Crypto Asset Trading Platforms On March 29, the Canadian Securities Administrators (CSA) and the Investment Industry Regulatory Organization of Canada (together the ‘Regulators’) released Staff Notice 21-329 - Guidance for Crypto-Asset Trading Platforms: Compliance with Regulatory Requirements (The ‘Staff Notice’). The Staff Notice, which does not introduce new regulatory requirements, aims at clarifying how securities legislation applies to Crypto Asset Trading Platforms (CTPs) that facilitate or propose to facilitate the trading of Crypto assets that are securities (Security Tokens) and instruments or contracts involving crypto assets. The Staff Notice include, an overview of the existing regulatory requirements takeaways applicable to CTPs; a description of key risks related toKey CTPs; and areas where flexibility may be available in how regulatory requirements will be applied to CTPs. The Notice is addressed to CTPs that are considered “Marketplace Platforms” and other CTPs that trade Security Tokens or Crypto Contracts and referred to as “Dealer Platforms”. CTPs that operate activities that have elements of both Marketplace Platforms and Dealer Platforms are also in scope. CSA/IIROC’s guidance on the regulatory approach to Dealer Platforms are as follows: Requirement to be registered under the appropriate category with the relevant regulatory depending on the activities. Interim approach allowing a Dealer Platform that trades Crypto Contracts to be registered as a restricted dealer to tackle the operational delay due to the amount of time it takes to prepare for and obtain registration as an investment dealer and IIROC membership. This approach will also benefit CTPs that are just interested in a testing environment to assess the technical merits of their proposed platform. Clarification regarding the application process depending on which category of registration the Dealer Platform falls under.
1
Guidance on the regulatory approach to Marketplace Platforms include: The application of the market integrity requirements as those in IIROC’s Universal Market Integrity Rules (UMIR) to Marketplace Platforms. Where applicable, exemptions from existing regulatory requirements for Marketplace Platforms that also Conduct Dealer Activities Regulating a Marketplace Platform as an exchange in certain circumstances (e.g. if a Marketplace Platform trades Security Tokens and regulates issuers of those securities) The requirement for a Marketplace Platform that is not an exchange to be registered as an investment dealer ad IIROC member where applicable. The CSA specify that it does welcome innovation and specify that Canadian and foreign fintech businesses that helps bolster innovation must ensure to comply with the relevant regulatory requirements. next step for the CSA will be to review the regulatory framework applicable to dealers and marketplaces that trade over-the-counter derivatives.
2
AMF's France Summary on Second Cybersecurity System SPOT Inspections
Series
of
The Autorité des Marchés Financiers (AMF) in France recently published its summary of findings relating to its second series of of cybersecurity system SPOT inspections concerning five asset management companies (AMCs).
Concerned entities include : Collective investment management firms, including portfolio asset management companies Investment services providers other than portfolio asset management companies Investment firms and credit institutions authorized to provide investment services Financial investment advisers
The document that lists the themes involving Supervision des Pratiques Opérationnelle et Thématique – “operational and thematic supervision of practices” (SPOT), aims at outlining and addressing certain areas of risk that the regulator has identified concerning the governance of cyber system and the incident management process . The work follows on from the inspections carried out on this topic in 2019. This further work was justified by the areas of risk identified during the first series of inspections, but also by a will to supplement the due diligence conducted by performing technical tests delegated to an accredited external third party.
The inspections focused on five key areas: Organization and governance of cybersecurity systems . Coordination of IT service providers Incident management processes Supervision of processes for remote access to information systems Internal control systems The summary confirmed that cybersecurity risks are evolving governance and control systems challenges faced by all the AMCs inspected mainly favorized by, among others: The independence of the function in charge of IS security management relative to the function of IS Director/Manager. The limited number of periodic phishing tests to measure the impact and development of awareness raising campaigns. The absence of audit clauses and procedures for alerting AMCs in the event of a critical cyber incident. The lack of policies for managing security components and patches. The insufficient mapping of the protocols for the exchange of data with third parties systems (e.g. depository, auditor). The absence of processes for sensitive data backup and storage in existing internal controls of the cybersecurity system. In the context of the COVID-19 pandemic, specific analysis was also conducted on business continuity planning, supervision of "teleworking" processes and preventive measures concerning potential upsurge of 5 cyber incidents.
FCA Extend Annual Financial Crime Reporting Obligation On March 31, UK's Financial Conduct Authority announced the extension of the Annual Financial Crime Reporting Obligation (REP-CRIM) to encompass approximately 4,500 additional firms, including cryptoasset businesses that should "be brought into scope of the return based on their business activities and the potential money laundering risks".
Concerned entities are those supervised by the FCA under the Money Laundering Regulations and include : Banks Businesses undertaking MiFID related activities Cryptoasset businesses All Multilateral Trading Facilities All Organised Trading Facilities
Policy Statement PS 21/4, first published in July 2016, introduced an annual financial crime reporting obligation for certain firms. The FCA consulted stakeholders in August 2020 on the proposal to increase the number of firms that were required to submit the return on their business activities and ML related risks by bringing into scope firms such as cryptoasset businesses.
As per section 1.6 of the Policy, all impacted firms, including cryptoasset exchange providers and custodian wallet providers, will be required to provide the FCA with REP-CRIM information irrespective of total annual revenue. Furthermore, the policy clairifies that a cryptoasset business is not required to submit sanction-specific information however, a cryptoasset business may choose to do so voluntarily. Moreover, fraud questions remain voluntary as it does for all firms submitting REP-CRIM.
EC's Consultation on Instant Payments On March 24, the European Commission (EC) published a targeted consultation paper on instant payments. The consultation will collect information from payment service providers (PSPs) and providers of supporting technical services to enable the Commission to identify and address remaining obstacles instant payments in the EU. Questions concerned areas such as PSPs incentives to adhere to an instant credit transfer scheme, PSPs liquidity management, restrictions on operations due to sanctions screening, complaints relating to incorrect beneficiary. Comments are to be provided by 2 June 2021.
5
AMF & ACPR warns against entities not authorized to offer investments in Forex and cryptoassets derivatives The Autorité des Marchés Financiers (AMF) and the Autorité de Contrôle Prudentiel et de Résolution (ACPR) updated their black lists of websites identified as not authorized to offer investments in the unregulated foreign exchange (Forex) market and in derivative products whose underlying assets comprise crypto-assets. The black list is regularly update to raise awareness amongst investors.
Key takeaways
4
CFTC Fined Coinbase for 'Reckless' Reporting On March 19, the Commodity Futures Trading Commission (CFTC) ordered digital asset exchange operator Coinbase Inc. to pay $6.5 million following the determination of false, misleading or inaccurating reporting and wash trading between January 2015 and September 2018.
According to the CFTC release, Coinbase "recklessly delivered false, misleading, or inaccurate reports" concerning transactions in digital assets on the electronic trading platform it operated, failing to disclose that it operated more than one trading program and trading through multiple accounts. Furthermore, transactions of these programs were found to match, resulting in Key takeaways trades between accounts and creating a potentially perceived volume and liquidity. According to the order, "transactional information of this type is used by market participants for price discovery, and potentially resulted in a perceived volume and level of liquidity of digital assets that was false, misleading, or inaccurate."
The CFTC defined wash trading as an operation that consist of entering into, or purporting to enter into, transactions to give the appearance that purchases and sales have been made, without incurring market risk or changing the trader's market position. The Commodity Exchange Act prohibits wash trading, also called Round Trip Trading, Wash Sales.
Stay up-to-date with REGFACTS, INDUSTRY NEWS & TRENDS by Ameis Regulatory Services.
6
Ameis Regulatory Services focuses on providing regulatory and compliance support for fintech companies
About us
Complex landscape & widening gaps
We help you understand the rules that govern your activites, services and products, enabling you to meet your ongoing regulatory obligations and navigate the ever-evolving, complex regulatory landscape.
Increasing regulatory requirements and the pace of change are making it harder for you to keep up with the pressures of compliance and managing cost-effective operations
Our team is composed of professionals with extensive experience serving the investment management, capital markets and asset servicing industries.
Investor demand for enhanced transparency and disclosure, data privacy, investor and consumer protection requirements, and AML/KYC concerns are some of the many challenges affecting the industry.
Current challenges
We provide practical and tailored solutions Review and analysis of regulatory texts Reporting Response preparation Compliance program development
Contact us Déborah Koualé, Founder deborah.kouale@ameiscorp.com
Change management Regulatory intelligence and training Ongoing compliance support Registrations
Carolyn Le Quéré carolyn.lequere@ameiscorp.com
www.ameiscorp.com
