Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
1
Changes in
Compliance & Regulation
Limerick, Galway, Mullingar
(See updated slides in relation to MCC 2017 and Grandfathering in particular)
Fergus Bradley February 2018
Nothing Stays the Same!
2018 – Nothing Stays the Same!
n AML/CFT/FS – 4th Directive, etc.
n MiFID Regulations
n Addendum to Consumer Protection Code
n Minimum Competency Code 2017
n PRIIPs
n GDPR
4th AML Directiven In place since 26th June 2017
n Awaiting legislation/SI to give effect to the Directive
n Awaiting any guidance from CBI, etc.
n AML/CFT is strong focus of the CBI
n Read Intermediary Times Aug ‘16 and Feb ‘17
CBI - RI inspection process
n Detailed Risk Evaluation Questionnaire
n Request for detailed supporting documentation
n Evidence of risk assessment completion
n Evidence of Board involvement and sign-off of policies, procedures, risk assessment
n Evidence of annual staff re-training, including attendees, confirmation of completion, presentations
Evaluation Questions
n Is AML an agenda item for Board meetings?
n How many times in last 12 months?
n Risk Assessment conducted/approved?
n What risk rating applied to various headings?
n What policies/procedures are in place?
2
Trainingn All Board & senior management trained?
n Specialist training for MLRO?
n What training for new staff?
n Evidence of annual training – who received training, trainer, content?
n Records of everything?
Customer Due Diligence
n Risk profile of products/services?
n Breakdown of products/services by risk?
n Ultra High, High, Medium High, Medium Low, Low?
n Customer analysis under above?
n How many relationships/transactions rejected?
Financial Sanction/PEP checkingn Does EU/UN sanction take place & how?
n Does PEP checking take place & how?
n Frequency of checking?
n PEP’s and what countries?
n Non-resident clients?
n Remember PEP’s will include Irish PEP’s!!
On-going monitoringn Policies and Procedures review
n How is monitoring conducted?
n Pre-1995 customers?
n Customers living abroad?
n Systems e.g. MoneyAdvice, Wealthtrack?
n Suspicious Transaction Reporting?
Feedback emergingn Client on-boarding PEP checks
n Client on-boarding EU/UN Sanction checks
n If not ‘Face to Face’ sale, what ‘additional’ checks carried out? (Incl. low risk products)
n AML/CTF Training records – back to 2013 –attendees, providers, actual presentations
n Board – training, responsibility, oversight
Beneficial Owners Register
n Arises from 4ALMD – S.I. 560 of 2016
n Register required for most companies
n Need to record details of direct or indirect beneficial ownership i.e. 25% plus 1 share or greater
n Record name, DoB, address, statement of nature and extent of interest
3
Addendum to the CPC 2017n Effective Jan 2018
n Dovetailing MiFID requirements for Investment Intermediaries obligations
n Addendum references MiFID Regulations and EU Commission Delegated Regulation 2017
n Not easy documents to read
Key Items in Addendumn Use of word ‘Independent’ in firm name or
description of services
n Provision of advice on an independent or non-independent basis
n Can’t be independent if commission received from product producer
n Suitability Statements – watch content changes for consumer ‘report’
More Key Items….n Conflicts of Interest – stronger focus
n Periodic suitability review - be careful what you commit to!
n If review, must be annual suitability review and possibly more often depending on risk profile of client or financial investments
n Target markets – product approval process, understand characteristics of products, etc.
And more….n Electronic recording of phone conversations
n If recording, the full MiFID rules apply
n If not recording, must follow up with note to client confirming key details – check the specific requirements of the Addendum!!
Minimum Competency Code 2017
n Published on 1/9/2017, effective 3/1/2018
n Partly driven by MiFID II, Mortgage Credit Regulations, Insurance Distribution Directive
n Consolidates previous updates to MCC 2011
4
Changes
n Qualifications/Grandfathering
n Minimum of 1 key staff member to be involved in product design to meet prescribed standards
n CPD for all Board members of Mortgage Credit Intermediary firms
n Annual review of staff members development and experience needs – all firms!!
Grandfathering
n Will no longer apply to:- Debt Management services- Mortgage Credit Intermediaries (‘MCI’)
n Some transitional arrangements
n MCI’s must have qualification by 21/3/2019
n Credit Servicing – qualification by 8/7/2019
MiFID II services or activities
n Qualification plus…
n At least 6 months experience:- on a full-time equivalent basis- relevant to function by 3/1/2018
n Otherwise, qualification + 6 months experience on a full-time equivalent basis
Grandfathering – MiFID Bondsn Employees of Investment Intermediaries
authorised under the IIA may be able retain their Grandfathering to advise
n G/F Advisors in MiFID firms should check with the firm to see what rules apply to the firm
CPD Changes - MCI
n All Board members/Principals of MCI firms must complete CPD
n Applies to Non-Exec Directors and others in business not involved in MCI activities
n 6 hours CPD ‘in relation to mortgage credit agreements’
5
PRIIPs
n ‘Packaged Retail & Insurance-based Investment Product’
n Introduces a KID (Key Investor Document)
n Effective 1 Jan 2018
n Product manufacturers developed KID’s
n KID is a standalone document max. 3 pages
KID for what products?
n Structured Bonds
n Unit linked insurance, unitised WP products
n Investment funds
n Derivatives
n Must be provided prior to sale?
n Paper preferred to face to face sale!
What products are excluded?
n UCITS products (until 2020)
n Pension policies
n Term assurance products
n Bank deposits
KID information
n What is this product?
n What are risks & what could I get?
n Risk reward profile file – 7 classes – different to ESMA!!
n What happens if manufacturer can’t pay out?
KID information
n Generic based on €10k SP or €1k AP
n What are the costs?- Summary Cost Indicator (‘SCI’)- Reduction in Yield (‘RIY’)
n How long should I hold the product?
n Can I take my money out?
n How can I complain?
The ‘KID’, The ‘SID’, and the ‘CIN’
Providers have choice to have:
n 1 Document - Single fund specific KID
Or
n 2 Documents - KID non fund specific plus a- SID (Fund specific Information)
n If insurance policy, still also need a CIN!
6
Transparency
n Providers are taking interpretations
n Complex calculations from actuarial viewpoint
n Risk ratings are confusing
n Equity fund may be lower than Deposit fund!
n Advisors having difficulty getting to grips
n Spare a thought for the consumer!!
Example of Bond Client Docs
n Key Features Document
n ‘KID’
n Stockbroker Terms and Conditions
n Stockbroker Guide to Services and Charges
n Client Asset Key Information Document (‘CAKID’)
GDPR
n General Data Protection Regulations
n Effective 25 May 2018
n Start devising plans now
n Significant implications for all firms
Key changes
n Data Protection Officer may be needed
n Penalties – up to €20m or 4% of turnover
n Privacy by design – part of decision making
n Consent – freely specific, informed and unambiguous consent i.e. opt-in
GDPR – Key Changes
n Data breaches – mandatory reporting, failure to report could incur fine
n Legal redress – data subjects can sue
n Data access request – timescale reduced from 40 days
Become aware…
n Identify areas which could cause problems
n Review policies and procedures
n Sources – paper and electronic formats
n Where is information stored? Can it be easily accessed?
7
Becoming Accountable
n Prepare inventory of personal data
n What data, why held?
n Why gathered, how was it obtained?
n Retention period
n How secure is data - encryption, accessibility
Communications…
n Review privacy wordings & Terms of Business
n Identify any potential gaps
n Extra information to client – legal basis for processing data, retention periods, right of complaints….
n Concise, easy to understand clear language
Retention….
n Data Retention Policy and timescales
n How can data be deleted – paper, electronic
n What is a suitable period to retain data
n Link to FSPO investigation > 6 years, potentially back to 2002!
Data Access Requests
n May not be able to charge fee
n Timescales down for provision of information
n Know where information is held - and how to access it
n Right to have information corrected
n Right to be ‘forgotten’ – what about regulatory obligations to retain data?
2018 – Nothing Stays the Same!
n AML/CFT/FS – 4th Directive, etc.
n MiFID Regulations
n Addendum to Consumer Protection Code
n Minimum Competency Code 2017
n PRIIPs
n GDPR