Global Payments Newsletter, June 2022

In this Newsletter: 

• Regulatory Developments
• Payment Market Developments 
• Surveys and Reports

For previous editions of the Global Payments Newsletter, please visit our Financial Services practice page. 

Regulatory Developments

United Kingdom: Payment Systems Regulator announces two market reviews on card fees

On 21 June 2022, the Payment Systems Regulator (PSR) announced its plans to carry out two market reviews focusing on card fees. One of the market reviews will look at scheme and processing fees (MR22/1.1), and the other at cross-border interchange fees (MR22/2.1).

The reviews focus on Mastercard and Visa as these two card payment system operators account for 99% of debit and credit card payments in the UK.

On scheme and processing fees, the PSR is carrying out this review because its Card-Acquiring Market Review (CAMR) found that the fees paid by acquirers had increased significantly from 2014 to 2018. Further feedback from stakeholders also highlights that scheme fees have continued to increase since then. The PSR wants to understand whether the markets in connection with scheme and processing fees are working well. This market review will examine the levels, structure and types of scheme and processing fees, and builds on the PSR’s CAMR findings.

In addition, cross-border interchange fees have also increased significantly in the last year. This affects fees for certain card transactions between the UK and the EEA, where the cardholder is not present (such as payments made by phone or online). Since the UK left the EU, Visa and Mastercard have increased these fees fivefold. The PSR wants to understand the rationale behind these increases and whether they are an indication that the market is not working well.

The draft terms of reference for the market reviews are open for consultation until 2 August 2022.

Back to the top

India: Reserve Bank of India publishes Payments Vision 2025

On 17 June 2022, the Reserve Bank of India (RBI) published its Payments Vision 2025 which proposes a number of innovative payment systems and regulation of BigTechs, Fintechs, Buy-Now Pay-Later (BNPL) systems, and the introduction of a Central Bank Digital Currency (CBDC), among other things. Some key points include:

• The document’s central subject is the 4Es (Electronic Payments for Everyone, Everywhere, Every Time), with five underlying objectives of integrity, inclusivity, innovation, institutionalisation, and internationalisation. The RBI intends to investigate a Unified Payments Interface (UPI)-like system for cards.
• By 2025, the central bank wants to triple the number of digital payment transactions and reduce the volume of cheque-based payments to less than 0.5% of total retail payments.
• In the payments arena, the RBI also recommends regulating BigTechs and FinTechs. Without adequate rules, the RBI feels that the growing dominance of BigTechs and FinTechs in the payments ecosystem poses a risk not just to financial stability and market integrity, but also to customers in terms of debt traps, mis-selling, and data breaches, among other things.

Back to the top

United States: U.S. Department of Commerce solicits public comments on digital asset technologies framework

On 19 May 2022, the U.S. Department of Commerce (Commerce) issued a notice and request for comment on developing a framework for leveraging and enhancing U.S. competitiveness in digital asset technologies (which include cryptocurrencies, stablecoins, and central bank digital currencies, among others) as mandated by the Biden Administration’s 9 March 2022 Executive Order. 

The Executive Order directs the Secretary of Commerce, in consultation with the Secretary of State, the Secretary of the Treasury, and heads of other relevant agencies to establish a framework that will complement U.S. engagement in international forums, such as the Group of 7, Group of 20, the FATF and the FSB, to elevate the importance of responsible development of digital asset technologies. The Executive Order instructs that Commerce release the framework by 5 September 2022.

The notice seeks comment from industry on matters relevant to the Commerce’s development of the framework and invites responses to seventeen specific questions, including the following examples:

• What obstacles do U.S. digital asset businesses face when competing globally?
• What impact, if any, does the global nature of the digital assets sector have on U.S. digital asset businesses’ ability to attract and retain talent and maintain leadership in development and operation of digital asset technologies within the United States?
• Can digital assets improve international payments (including trade and remittances), and improve on access to trade finance? If so, how? How do digital assets compare to other initiatives in payments such as the Federal Reserve’s FedNow?

Comments are due to Commerce by 5 July 2022.

For more on this development, take a look at this Engage article by members of Hogan Lovells’ Washington, D.C. office.

Back to the top

Jamaica: Bank of Jamaica is given authority to issue a CBDC

On 3 June 2022, the Jamaican Senate approved a Bill giving authority to the Bank of Jamaica (BOJ) to issue the Central Bank Digital Currency (CBDC) JAM-DEX as legal tender locally. 

The Bill was approved following the successful pilot undertaken between August and December 2021. Full CBDC implementation is expected to significantly reduce traditional challenges associated with many Jamaicans not having a bank account. It will also allow businesses to engage in more efficient cash management.

Back to the top

United Kingdom: FCA speech on regulating finance in the UK 

On 20 May 2022, the FCA published a speech by Charles Randell, FCA Chair, on regulating finance for the whole of the UK. Points of interest in the speech include the following:

• Regulating the issue and trading of purely speculative crypto tokens: If the success of the FCA in regulating speculative crypto is going to be judged, certain questions need to be properly and openly debated and answered well before responsibility passes to the FCA, rather than afterwards. The project to bring speculative crypto into regulation also needs a workable operational plan that the FCA, and other regulators where appropriate, are fully signed up to delivering. 
• Financial Services and Markets Bill: Mr Randell shares his thoughts on how to ensure that the Bill achieves its aim as set out in the Queen's Speech 2022. Among other things, he expresses concern with the government's proposed new powers to intervene in the FCA's processes.

Back to the top

United Kingdom: HM Treasury publishes policy statement on critical third parties to finance sector

On 8 June 2022, HM Treasury (HMT) published a policy statement outlining a proposal to regulate third parties to financial services and financial market infrastructure firms (Firms).

The proposal aims to allow UK regulators to directly oversee services provided by critical third parties, to ensure the resilience of financial services, and reduce the risk of systemic disruption, and proposes to do this by enacting primary legislation. The proposed regime also aims to be flexible and proportionate.

Key aspects of the proposal include:

• Designating a third party as ‘critical’: Third parties will be designated as critical by HMT via secondary legislation. HMT would make the designation in accordance with a ‘designation framework’ which will be laid out in the primary legislation. HMT would also consult the financial regulators, the third parties and Firms (and potentially other bodies) when making such designation.
• Regulator powers: In order to assess whether the resilience standards are being met, the financial regulators would be granted powers to:
  • request information directly from critical third parties on their resilience and compliance with the legislation;
  • commission an independent ‘skilled person’ to report on certain aspects of a critical third party’s services;
  • appoint an investigator to investigate potential breaches;
  • interview a representative of a critical third party and require the production of documents;
  • enter a critical third party’s premises under warrant as part of an investigation.
• Enforcement: The financial regulators would have the power to direct critical third parties to: take or refrain from taking specific actions; publicise failings; and/or prohibit a critical third party from providing services.

The government intends to introduce the primary legislation for this proposed regime “when parliamentary time allows”. After such legislation is introduced, the financial regulators will publish a joint discussion paper setting out how they propose to use their powers. Following Royal Assent, the regulators anticipate publishing a further consultation paper on their proposed rules, building on feedback to the joint discussion paper and based on their proposed, new statutory powers. Once the regulators' rules have been finalised, HMT expects to begin designating the first critical third parties under the new regime.

For more on the policy paper, take a look at this Engage article by members of Hogan Lovells’ London office.

Back to the top

United Kingdom: PRA speech on supervisory expectations on operational resilience

On 25 May 2022, the PRA published a speech by Duncan Mackinnon, Executive Director for Supervisory Risk Specialists, on operational resilience.

In the speech, Mr Mackinnon considers the PRA's supervisory expectations of firms, including banks and insurers, in their implementation of the operational resilience framework ahead of the March 2025 deadline. Among other things, he discusses:

• Scenario testing: Mr Mackinnon sets out the PRA's expectations concerning scenarios. They should, among other things, assume disruption has occurred, include data integrity scenarios and incorporate third party disruption. Scenarios should also consider factors beyond the firm's control and ask what might happen if back-up arrangements do not function as anticipated. 
• Building resilience: Where firms cannot remain within their impact tolerance, they are likely to need to invest. This might include building additional data centres to allow for substitutability, reviewing outsourcing agreements to prevent disruptions to services caused by third-party suppliers and replacing legacy systems. 
• Embedding resilience: The PRA expects resilience to be embedded in the way firms do business and for it to become a major consideration in their investment programmes. Mr Mackinnon also highlights where operational resilience policy complements and enhances existing regulatory expectations, such as in respect of operational risk, disaster recovery and business continuity.

Back to the top

United Kingdom: HMRC consults on including cryptoassets in the Investment Transaction List 

On 23 May 2022, HMRC published a consultation on expanding the Investment Transactions List (ITL) for the Investment Management Exemption (IME) and other fund tax regimes to consider adding transactions in cryptoassets to the ITL as transactions that benefit from the IME. HMRC considers that cryptoasset investments would not generally fall within the current ITL.

HMRC is consulting on the appropriate definition of ‘cryptoassets’ to use in the extended ITL and indicates that it may mirror the definition of cryptoassets contained in the OECD Crypto-Asset Reporting Framework subject to exclusions for transactions in land, cryptoassets that provide for the transfer of intangible assets not already included in the ITL and closed-loop cryptoassets.

This consultation is one of a package of measures to ensure that the UK financial services sector remains at the cutting edge of technology, and the UK a global cryptoasset technology hub, as referred to by HM Treasury in April 2022.

The consultation closes on 18 July 2022.

Back to the top

Paraguay: Chamber of Deputies passes a bill to regulate cryptoassets 

On 25 May 2022, the Chamber of Deputies in Paraguay approved a bill that establishes a legal framework for the mining, commercialisation, exchange, transfer, custody and administration of cryptoassets and instruments that provide control over cryptoassets.

Back to the top

United States: New York State Department of Financial Services publishes stablecoin guidance

On 8 June 2022, the New York State Department of Financial Services (NYDFS) published formal stablecoin guidance, making it the first state in the United States to do so.

The guidance sets out that stablecoins traded in the U.S. state of New York should be fully backed by certain assets, with these assets segregated from the issuers’ operational funds and attested to by an auditor regularly. According to NYDFS’s guidance, stablecoins, the value of which is intended to be pegged to the U.S. dollar or other assets, must be backed by a reserve composed of U.S. Treasury bills with no more than three months to maturity, U.S. Treasury notes, some types of U.S. Treasury bonds or reverse repurchase agreements that are collateralised by Treasury bills.

Back to the top

Japan: Parliament passes stablecoin bill 

On 3 June 2022, it was reported that the Japanese Parliament passed a stablecoin bill which aims to protect investors and the financial system from risks associated with the rapid adoption of stablecoin. Key elements of the bill are reportedly as follows:

• The bill defines stablecoins as digital money. 
• The bill stipulates that the issuance of stablecoins is limited to licensed banks, registered money transfer agents and trust companies in Japan.
• The new legislation also introduces a registration system for financial institutions to issue such digital assets and provides anti-money laundering measures.

The new legal framework will reportedly take effect in 2023, with Japan’s Financial Services Agency planning to introduce regulations for stablecoin issuers in the coming months.

Back to the top

Global: G7 leaders call on the Financial Stability Board to implement regulatory framework for cryptoassets

On 20 May 2022, following their meeting, G7 finance ministers and central bank governors published their communiqué on their future actions and priorities. 

Among other things, the group reiterated their support for the Financial Stability Board (FSB) and called on it to accelerate its efforts to implement a regulatory framework for cryptoassets and their service providers. Given the recent developments and uncertainty in the cryptoasset market, the G7 are asking the FSB to coordinate with international standard-setters to rapidly develop and implement a consistent and comprehensive regulation of cryptoasset issuers and service providers. The aim is to hold cryptoassets (including stablecoins) to the same standards as the rest of the financial system. Critically, the G7 have called for the implementation of the FATF ‘travel rule’, with the implementation of stronger disclosure and regulatory reporting requirements.

The group also highlights the opportunities and challenges posed by CBDCs, and encourages jurisdictions exploring CBDC initiatives to consider, in particular, their international and cross-border dimensions.

Back to the top

Global: Bank for International Settlement publishes working paper on impact of cryptocurrencies on the global financial system

On 18 May 2022, the Bank for International Settlements (BIS) published a working paper on the impact of cryptocurrencies on the global financial system. 

The paper calls for regulatory action to address gaps in the reporting of crypto-trading data and to establish a more level playing field with regard to the regulatory treatment of traditional financial institutions and the cryptocurrency ecosystem. The paper also calls for cryptocurrencies and crypto exchanges to be subject to the same types of regulation and oversight as economically equivalent asset classes and institutions, including with regards to financial stability, consumer protection, and AML/CFT standards. Finally, the paper calls for a systematic collection and publication of cryptocurrency data in order to help authorities oversee and regulate cryptocurrencies. 

Back to the top

Australia: Taxation Office tax priorities for 2022 include monitoring citizens’ reporting of cryptoassets and NFTs

On 16 May 2022, the Australian Taxation Office (ATO) set out its tax priorities for 2022 which include, among other things, the monitoring of citizens’ reporting of cryptoasset and non-fungible token (NFTs) capital gains and losses. 

The statement sets out that if citizens dispose of an asset such as property, shares, or a cryptoasset (including NFTs) this financial year, they will need to calculate a capital gain or capital loss and record it in their tax return.

Back to the top

Singapore: MAS announces pilot on use cases for digital assets

On 31 May 2022, the Monetary Authority of Singapore (MAS) announced the launch of Project Guardian, a collaborative initiative with the financial industry that seeks to explore the economic potential and value-adding use cases of asset tokenisation.

Project Guardian will test the feasibility of applications in asset tokenisation and Decentralised Finance (“DeFi”) while managing risks to financial stability and integrity. MAS aims to develop and pilot use cases in four main areas:

• Open, interoperable networks – exploring the use of public blockchains to build open, interoperable networks that enable digital assets to be traded across platforms and liquidity pools. 
• Trust anchors – establishing a trusted environment for the execution of DeFi protocols through a common trust layer of independent trust anchors. Trust anchors are regulated financial institutions that screen, verify and issue verifiable credentials to entities that wish to participate in DeFi protocols. 
• Asset tokenisation – examining the representation of securities in the form of digital bearer assets and the use of tokenised deposits issued by deposit-taking institutions on public blockchains.  
• Institutional grade DeFi protocols – studying the introduction of regulatory safeguards and controls into DeFi protocols to mitigate against market manipulation and operational risk. The project will also examine the use of smart contract auditing capabilities to detect code vulnerabilities.

Back to the top

Europe: ECB publishes a report on the risks arising from cryptoassets

On 24 May 2022, the European Central Bank (ECB) published a report on the risks arising from cryptoassets. 

The report forms part of the ECB's May 2022 Financial Stability Review, in which it assesses the current financial stability vulnerabilities facing the EU financial markets. The chapter on cryptoassets notes that, if the current crypto market trends continue (such as increasing interconnectedness with the traditional financial sector), cryptoassets will begin to pose a risk to financial stability. 

The ECB therefore calls on the EU to close regulatory and data gaps in the cryptoasset ecosystem to ensure that financial stability risks are sufficiently mitigated. 

In the EU, the Markets in Cryptoassets (MiCA) Regulation should be approved by the co-legislators as a matter of urgency to ensure it is applied sooner rather than later. However, MiCA is only a first step. Sectoral regulations will need to be reviewed to ensure financial stability risks posed by cryptoassets are mitigated. Any further steps that allow the traditional financial sector to increase its interconnectedness with the cryptoasset market space should be carefully weighed up, and priority should be given to avoiding financial stability risks.

Back to the top

Europe: ESMA speech on delivering the Capital Markets Union

On 1 June 2022, ESMA published a speech by Verena Ross, ESMA Chair, on delivering the Capital Markets Union (CMU). Topics covered included digital transformation and cryptoassets. Ms Ross explained that ESMA welcomes the Commission's proposed Markets in Cryptoassets (MiCA) Regulation and is already reflecting on how it will fulfil the mandates it may be given. She noted that it wants to play a greater role in the authorisation and supervision of significant cryptoasset services providers.

Back to the top

Global: Bank of Israel partners with Hong Kong Monetary Authority and BIS to research cybersecurity issues in the context of retail CBDC

On 17 June 2022, it was announced that the Bank of Israel has partnered with the Hong Kong Monetary Authority and the Bank of International Settlements (BIS) to test the feasibility of a cyber-secure two-tier CBDC. The BIS’s Innovation Hub in Hong Kong will lead this initiative, referred to as "Project Sela”. 

Project Sela will study the data security implications of a two-tier retail CBDC architecture where the intermediaries will have no financial exposure, and pioneer methods of making it more resilient to cyber-attacks. The Project is expected to be completed by the end of 2022.

Back to the top

Nigeria: Central Bank extends eNaira offering to phones 

On 14 June 2022, it was reported that the Central Bank of Nigeria is extending the eNaira service to phones, after the launch of its CBDC pilot in October 2021.

Initially, the offering was only available to bank account holders and via smartphone apps. Now the Central Bank plans to extend the payment service to include phones by using Unstructured Supplementary Service Data (USSD) codes which operate similarly to SMS. The hope is that this will further boost financial inclusion, which currently stands at around 70%.

Typically, the USSD codes involve texting a special number, and a response is sent to the user, giving them a menu of options, such as sending a payment. Initiating the payment involves the user sending another message.

Back to the top

United States: Federal Reserve publishes working paper on impact of Central Bank Digital Currency on the U.S. Federal Reserve 

On 31 May 2022, the Federal Reserve published a staff working paper on the impact that a retail CBDC could have on the balance sheets of the Federal Reserve, commercial banks and U.S. households, and the subsequent impact on U.S. monetary policy implementation.

The working paper points out that the potential effects on monetary policy implementation from a retail CBDC are highly dependent on the initial conditions of the Federal Reserve’s balance sheet. Regardless of the initial conditions in reserve markets, the paper also shows that the adoption of a retail CBDC could be a direct substitute for bank funding sources, such as deposits, and thus could put upward pressure on prices in short-term funding markets. The amount of pressure on money market rates would also depend on the level of demand for a retail CBDC and how that interacts with banks’ demand for reserves. 

The paper also sets out the tools the Federal Reserve has to manage CBDC and banks’ short term liquidity needs.

Back to the top

Europe: Speech by European Central Bank on the EU’s digital euro project

On 16 June 2022, the European Central Bank (ECB) published a speech by Executive Board member Fabio Panetta, entitled ‘Bringing European payments to the next stage: a public-private endeavour’. In his speech, Mr Panetta discusses the EU’s retail payments strategy and the introduction of a digital euro. Key points from the speech include:

• Innovative digital retail payment solutions are not widely available in all European countries, and even less so on a pan-European basis. If the EU fails to meet users’ demand for innovative payments, others will fill this gap; and this may in turn raise more fundamental concerns. 
• The ECB is facing the growing challenge of ensuring central bank money remains available and usable for retail payments in an increasingly digitalised world.
• For a digital euro to be successful, everyone should be able to use it for digital payments throughout the euro area.
• The ECB sees financial intermediaries having a crucial role in distributing and promoting the digital euro and by design it will not crowd out existing private financial instruments. Instead, it will preserve the coexistence of central bank money and private money, supporting innovation by private intermediaries.
• The EU’s digital euro project may provide a suitable opportunity to establish the public-private cooperation that is needed to build the pan-European private retail payment solutions of the future.

Back to the top

United Kingdom: HM Treasury consults on managing the failure of systemic digital settlement asset (including stablecoin) firms

On 31 May 2022, HM Treasury (HMT) published a consultation setting out the government’s proposed approach to managing the failure of systemic digital settlement asset firms, by way of the application to such firms of a modified Financial Market Infrastructure Special Administration Regime (FMI SAR). 

HMT uses the broad term “digital settlement asset” (DSA) to refer to stablecoins of the type consulted on previously, together with wider forms of digital assets used for payments/settlement. HMT uses the term “systemic DSA firm” to refer to systemic DSA payment systems and/or an operator of such a system or a DSA service provider of systemic importance. In the case of stablecoins, this might include – but is not limited to – the issuer of a stablecoin, a wallet, or a third-party service provider. 

In advance of any consideration of the need for a bespoke legal framework for systemic DSA firms, HMT considers an amended FMI SAR to be the most appropriate vehicle through which to address the risks posed by the possible failure of systemic DSA firms which are not banks (as banks are catered for by separate pre-established regimes). 

The consultation closes on 2 August 2022. HMT will then consider respondents’ views and publish a consultation response. Separately, HMT will be consulting in the coming months on the regulatory perimeter for systemic payments firms at large.

Back to the top

Europe: Regulation on pilot regime for market infrastructures based on DLT published in Official Journal

On 2 June 2022, Regulation (EU) 2022/858 on a pilot regime for market infrastructures based on distributed ledger technology (DLT Pilot Regime Regulation) was published in the Official Journal of the EU. 

The DLT Pilot Regime Regulation provides a legal framework for the trading and settlement of transactions in cryptoassets that qualify as financial instruments within the meaning of the MiFID II Directive (2014/65/EU) to allow for the trading and settlement of "tokenised" securities. Cryptoassets that are not financial instruments will fall to be regulated under the regulatory framework established under the proposed Markets in Cryptoassets (MiCA) Regulation.

The DLT Pilot Regime Regulation also makes certain amendments to the MiFID II Directive (2014/65/EU), the Markets in Financial Instruments Regulation (600/2014) (MiFIR) and the Central Securities Depositories Regulation (909/2014) (CSDR). This is necessary as pre-existing financial services legislation was not created with DLT and cryptoassets in mind and includes provisions that could potentially limit the use of blockchain technology.

The DLT Pilot Regime Regulation came into force on 22 June 2022. It will apply in EU member states from 23 March 2023, except for Articles 8(5), 9(5), 10(6) and 17, which apply from 22 June 2022, and Article 16, which will apply (retrospectively) from 4 July 2021.

Back to the top

United Kingdom: FCA consults on updated guidance about branch and ATM closures or conversions

On 14 June 2022, the FCA published a guidance consultation on branch and ATM closures or conversions, setting out proposed updated guidance for firms.

The FCA published finalised guidance on branch and ATM closures or conversions in September 2020. It wants to update the original guidance to ensure that its expectations under its Principles for Businesses are clear. 

The FCA proposes, among other things, to:

• Extend its guidance to apply where firms partially close a branch in the same way as it does to full closures. 
• Remind firms that they should consider whether the services that they are providing through emerging models meet the broad definition of a branch, meaning that the guidance applies to them with respect to a proposed closure of, or withdrawal from, the hub or venue.
• Have firms share details of any commercial evaluation they have completed with the FCA.
• Extend the communications part of the guidance to ensure stakeholders, like relevant consumer groups (for example, charities representing local carers and the elderly) and local councils are proactively contacted.
• Add examples to the guidance to highlight how firms can meet the FCA's expectations on the treatment of customers in vulnerable circumstances. 

The consultation closes to comments on 26 July 2022.

Back to the top

United Kingdom: HM Treasury response to consultation on access to cash

On 19 May 2022, HM Treasury (HMT) published its response to its consultation paper on access to cash.

HMT consulted on its proposed policy approach to developing legislation to protect access to cash in July 2021. In the document, it summarises the main responses received to the consultation and provides an overview of its planned approach to legislating for access to cash in the planned Financial Services and Markets Bill.

HMT plans to designate firms for the purpose of ensuring continued access to cash across the UK. As proposed in its consultation, it intends to designate the largest banks and building societies, using the criteria set out in the consultation paper. Also, in line with its proposals, HMT will have powers to introduce legislative geographic access requirements that would be set out the basis of cash access facilities being available within maximum distances of a minimum percentage of the population.

The FCA will be the lead regulator for retail cash access and will have appropriate powers to ensure that designated firms continue to provide deposit and withdrawal facilities across the UK. The FCA will address cash access issues at both a national and local level. It will have responsibility and powers to monitor and enforce compliance by designated entities on any cash access requirements, and its powers will be broadly consistent with its existing regulatory toolkit for other regulated activities. The FCA will also have powers to obtain information from designated firms and other organisations involved in the provision of cash facilities.

Back to the top

United Kingdom: New FCA webpage on reporting sanctions evasion

On 17 May 2022, the FCA published a new webpage on reporting sanctions evasion or weaknesses in sanctions controls.

The FCA wants to hear about sanctions evasion issues where they relate to firms on the financial services register, other FCA registers or companies with UK-listed securities.

The webpage:

• Sets out how firms can report sanctions evasions to the FCA.
• Identifies what the FCA wants to hear about.
• Explains how to report another firm or individual.
• Summarises other important information for firms to be aware of. This includes that if a firm is sharing information with the FCA, it must still fulfil any statutory legal requirements it has under, for example, the Proceeds of Crime Act 2002 or the Sanctions and Anti-Money Laundering Act 2018.

The FCA will review firms' reports to see if its teams need to take any further action. It notes that it will be unable to share any action it may take on a report. The webpage states that even if the information provided does not result in the FCA taking formal action against a firm or individual, it may help it build up a picture of conduct risk or inform how it develops policy and work with partners to assist the UK enforcement of sanctions.

Back to the top

United Kingdom: OFSI enforcement guidance updated 

On 8 June 2022, the Office of Financial Sanctions Implementation (OFSI) announced that it was updating its enforcement and monetary penalty guidance for breaches of financial sanctions in line with changes brought about by the Economic Crime (Transparency and Enforcement) Act 2022 (EC(TE)A). 

The guidance sets out the powers that OFSI has to impose monetary penalties, how it exercises those powers and details the rights of those against whom OFSI imposes a monetary policy. Of significance among the changes is that following the entry into force of the EC(TE)A, OFSI is no longer required to prove that a person had knowledge or reasonable cause to suspect that a person was in breach of a financial sanction in order to impose a monetary penalty. Notwithstanding that change in the law, OFSI has confirmed that it will take into account the level of actual and expected knowledge of financial sanctions held by an individual or company in assessing the seriousness of any breach and the action which ought to be taken by it as a result.

The guidance also confirms that OFSI will continue to impose a level of monetary penalty that it intends to be clearly and consistently related to its view of the impact of the case and the value or estimated value of the breach. Additionally, the value of the discount is specified to range up to a maximum of 50% for voluntary disclosure in a "serious" case and 30% for voluntary disclosure in a case assessed by it to be "most serious".

The updated guidance took effect from 15 June 2022.

Back to the top

Europe: European Supervisory Authorities joint report on withdrawal of authorisation for serious breaches of AML/CTF rules

On 1 June 2022, the European Supervisory Authorities (ESAs)  (that is, the EBA, ESMA and EIOPA) published a joint report that discusses the completeness, adequacy and uniformity of the applicable laws and practices on the withdrawal of authorisation for serious breaches of Anti-money Laundering (AML) and Counter-terrorist Financing (CTF) rules.

The report identifies areas of improvement for the framework relating to applicable sectoral legislation or where additional analysis is needed (for example, interaction between resolution and the AML and CTF regimes). It also sets out criteria for the notion of serious breach of AML/CTF rules.

The ESAs suggest introducing a specific legal ground to revoke authorisation for serious breaches of AML and CTF rules and that competent authorities ensure that adequacy of AML and CTF arrangements and processes is a condition for granting authorisation or registration.

The report highlights the need for the proposed Markets in Cryptoassets (MiCA) Regulation to appropriately integrate AML and CTF issues in the prudential supervision of entities that will be regulated under that regime.

Back to the top

Europe: EBA final report containing guidelines on role of AML/CFT compliance officers

On 14 June 2022, the EBA published a final report containing guidelines on policies and procedures in relation to compliance management and the role and responsibilities of the Anti-money Laundering and Countering the Financing of Terrorism (AML/CFT) compliance officers under Article 8 and Chapter VI of the Fourth EU Money Laundering Directive (MLD4).

The guidelines apply to all existing management body structures and are described as complementing relevant guidelines issued by the European Supervisory Authorities on wider governance arrangements and suitability checks.

The guidelines set out expectations of the role, tasks and responsibilities of the AML/CFT compliance officer and the management body. Among other things, they specify that credit or financial institutions should appoint one member of their management body who will ultimately be responsible for the implementation of AML/CFT obligations, and clarify the tasks and functions of that person. They also describe the roles and responsibilities of the AML/CFT compliance officer, when this person is appointed by the management body under proportionality criteria.

The guidelines now need to be translated and published on the EBA website. The deadline for competent authorities to report whether they intend to comply with the guidelines is six months after the publication of the translations. The guidelines will apply from 1 December 2022.

Back to the top

United Kingdom: Economic Crime (Transparency and Enforcement) Act 2022 (Commencement No 2 and Saving Provision) Regulations 2022 come into force

On 9 June 2022, the Economic Crime (Transparency and Enforcement) Act 2022 (Commencement No 2 and Saving Provision) Regulations 2022 (SI 2022/638) were made. On 15 June 2022, the Regulations brought into force three provisions in Chapter 1 of Part 3 of the Economic Crime (Transparency and Enforcement) Act 2022 which relate to financial sanctions.

Back to the top

United Kingdom: outcome of HM Treasury consultation on revisions to the AML/CTF regime

On 15 June 2022, HM Treasury published the response to its call for evidence and consultation on possible amendments to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs 2017) and the Oversight of Professional Body Anti-Money Laundering and Counter Terrorist Financing Supervision Regulations 2017 (OPBAS Regulations). Some key points from the response include the following:

• In relation to changes in scope to reflect the latest risk assessments, the response confirms that the Government will remove Account Information Service Providers from the regulated sector but retain Payment Initiation Service Providers, Bill Payment Service Providers and Telecoms, Digital and IT Service Providers from within scope of the regulations.
• AML/CTF supervisors will be given access to the content of Suspicious Activity Reports to enhance the performance of their supervisory functions.
• The amended MLRs will implement the FATF standards to require financial institutions and designated non-financial businesses and professions to identify, assess and take effective action to mitigate proliferation financing risks.
• In relation to transfers of cryptoassets:
  • The Funds Transfer Regulation (the Travel Rule) will be tailored to incorporate the transfer of cryptoassets as being within scope of the MLRs and there will be a 12-month grace period to run from the point at which the amendments to the MLRs take effect, during which cryptoasset businesses will be expected to implement solutions to enable compliance with the Travel Rule.
  • Intermediaries in cryptoasset transfers will also be brought within scope of the MLRs to ensure that a cryptoasset business that is contracted to provide cryptoasset exchange or custodian wallet services on behalf of either the beneficiary's or the originator's cryptoasset business is made subject to the Travel Rule. 
  • A de minimis threshold for cryptoasset transfers will be modified to EUR1,000 to bring it into line with the FATF recommended threshold.
• Additional changes to the MLRs not consulted on, but to be introduced, include an expansion of the FCA's supervision of the MLRs by requiring proposed acquirers of cryptoasset firms to notify the FCA ahead of such acquisitions, allowing the FCA to undertake a ‘fit and proper’ assessment of the acquirer, as well as the power to object to the acquisition, before it takes place.

Back to the top

United Kingdom: National Crime Agency publishes updated guidance on the use of Suspicious Activity Reports

On 17 June 2022, the UK Financial Intelligence Unit (UKFIU) of the National Crime Agency (NCA) published revised guidance on Suspicious Activity Report (SAR) glossary codes and reporting routes. The revised booklet replaces all previous publications.

The revised guidance includes new codes for SARs where the value is less than £3,000 and where you are unaware of any existing law enforcement interest at the time of reporting.

The use of glossary codes is considered good practice. They are crucial for enabling the UKFIU and wider law enforcement to conduct analysis to identify money-laundering trends, high risk cases for development and take immediate action where necessary. They also enable the production of feedback to reporters on trends and patterns identified in SARs.

The guidance also highlights, among other things, that the SARs regime is not a route to report crime or matters relating to immediate risks to others. The SARs regime is for reporting knowledge or suspicions of money-laundering, or belief or suspicions relating to terrorist-financing. As such, in addition to a SAR, the matter may have to be reported via other routes to ensure the right information gets to the right organisation.

Back to the top

Italy: Italian Decree on beneficial owner register published in the Official Gazette 

On 25 May 2022, the long-awaited decree of the Ministry of Economy and Finance regarding the establishment and regulation of the beneficial owner (UBO) register in Italy was published in the Official Gazette (the Decree).

The Decree implements Legislative Decree 231/2007 on the prevention of the use of the financial system for the purposes of money laundering and terrorist financing (AML Law).

Under the Decree, Italian based companies having legal personality, private legal persons, trusts and institutions similar to trusts will be required to report information on their UBO to the Companies Register for registration purposes.  

The information to be reported must include, among other things, the identification data of the relevant UBO and, in the case of companies, the criterion pursuant to which the relevant natural person(s) has/have been identified as UBO(s). Further information is to be reported depending on the nature of the relevant reporting entity.

For more on this development, take a look at this Engage article by members of Hogan Lovells’ Rome office.

Back to the top

United Kingdom: Ministry of Justice post-legislative assessment of Fraud Act 2006 

On 8 June 2022, the Ministry of Justice published a memorandum providing an updated post-legislative assessment of the Fraud Act 2006 for submission to the House of Lords Select Committee on the Fraud Act 2006 and digital fraud. 

The responses obtained in the review supported the view that the Fraud Act 2006 continues to deliver on its objectives and is still regarded as an incredibly useful piece of legislation. The offences are considered wide enough to cover most fraudulent offending, including those which are digitally enabled, and flexible enough to adapt to developing technology.

Suggestions for change included that it was felt that the maximum sentence for Fraud Act offences did not align with other offences such as money laundering.

Back to the top

Global: Outcomes from FATF's June Plenary published  

On 17 June 2022, FATF published a document setting out the outcomes from its plenary meeting which took place from 14 to 17 June 2022.

At the meeting, among other things FATF:

• Finalised a targeted update on the implementation of the FATF standards to prevent the misuse of virtual assets and Virtual Asset Service Providers (VASPs) for money laundering, and the financing of terrorism and proliferation. FATF is due to publish a report at the end of June 2022, focussing on the implementation of FATF's travel rule, which requires VASPs to collect or send information on the identities of the originator and beneficiary with virtual asset transfers. The report will also provide an update on emerging risks and market developments that FATF continues to monitor, such as DeFi, NFTs and unhosted wallets.
• Discussed progress in developing guidance that aims to help countries implement the revised requirements of FATF relating to implementing the FATF standard on beneficial ownership information for legal persons. FATF intends to finalise the guidance in October 2022. 
• Finalised a report sharing good practices and recommendations for combating money laundering and terrorist financing by sharing information while adhering to data protection and privacy. This is the first report that provides tangible examples of information sharing initiatives with analysis of the data protection implications. It highlights the importance of collaboration and co-operation between anti-money laundering and data protection authorities and is due to be published in July 2022.

Back to the top

United Kingdom: DCMS publishes outcome of consultation "Data: a new direction"

On 17 June 2022, the Department for Culture, Media and Sport (DCMS) published the response to its consultation "Data: a new direction", setting out the government's plans to reform the UK's data protection regime.

The reforms are part of the government's National Data Strategy and the consultation presented proposals that build upon the UK's current regime.

Some proposals being taken forward include:

• Creating a limited list of legitimate interests for businesses to process personal data without applying the balancing test.
• Requiring organisations to operate a privacy management programme.
• Replacing the requirement to appoint a data protection officer with a requirement to designate a suitable individual to oversee the organisation's data protection compliance.
• Removing the requirement for data protection impact assessments.
• Various proposals in relation to cookies, including removing the requirement for prior consent for all types of cookies (once automated technology is available on websites to help users manage their preferences) and removing the consent requirement for analytics cookies and similar technologies.
• Clarifying the limits and scope of the rules on automated decision-making.

The upcoming Data Reform Bill, which was announced in the Queen's Speech on 10 May 2022, will draw on the results of the consultation. 

For more on the DCMS’ consultation response, take a look at this Engage article by members of Hogan Lovells’ London office.

Back to the top

Europe: Data Governance Act adopted by Council of the European Union and published in the Official Journal

On 16 May 2022, the Council of the European Union formally adopted the Regulation on European data governance and amending Regulation (EU) 2018/1724 (Data Governance Act, DGA) (2020/0340 (COD)). On 3 June 2022, the Regulation was published in the Official Journal of the European Union. 

The DGA, which was first proposed in November 2020, aims to increase trust in data sharing, create new rules on the neutrality of data marketplaces and facilitate the use of public sector data. 

The DGA entered into force on 23 June 2022 and the new rules will apply from 24 September 2023.

Back to the top

Europe: European Commission publishes Q&As on standard contractual clauses under EU GDPR

On 25 May 2022, the European Commission released long-awaited guidance for the Standard Contractual Clauses (SCC) adopted in June 2021. The Commission has developed Questions and Answers (Q&A) as a dynamic source of practical guidance on the use of SCCs. The Q&As respond to industry feedback on key practical aspects of the SCCs.

Some of the most notable takeaways from the Q&As are as follows:

• The SCCs are not suitable for data transfer to data importers whose processing operations are directly subject to the GDPR. Accordingly, the Commission is developing an additional set of SCC to use in this scenario, which will take into account the requirements that already apply directly under the GDPR. 
• Companies should explain to data subjects how they can obtain a copy of relevant SCCs. According to the Q&As, the Commission expects data exporters to inform data subjects that the SCCs are used to transfer data and explain how to obtain a copy of the clauses. Companies relying on the SCCs may therefore need to consider updating their privacy policies or other transparency notices to provide the required information. 

For more on the Q&As, take a look at this Engage article by members of Hogan Lovells’ London and Hamburg offices.

Back to the top

Europe: European Data Protection Board publishes documents adopted at its May plenary sessions 

On 31 May 2022, the European Data Protection Board (EDPB) announced in a news release that it had published documents adopted at its May 2022 plenary sessions.

At its 4 May plenary it adopted an EDPB-EDPS Joint Opinion on the proposed  EU Data Act.

At its 12 May plenary, it adopted the following documents:

• Draft Guidelines 04/2022 on the calculation of administrative fines under the GDPR which are open for public consultation until 27 June 2022.
• Draft Guidelines 05/2022 on the use of facial recognition technology in the area of law enforcement which are open for public consultation until 27 June 2022.
• EDPB letters to the European institutions on the protection of personal data in the AML-CFT legislative proposals.
• EDPB response to the joint payments industry regarding the Guidelines on the interplay of PSD2 and the GDPR.

Back to the top

Europe: European Data Protection Board adopts guidelines on certification as a tool for transfers

At its 66th Plenary session on 14 June 2022, the European Data Protection Board (EDPB) adopted guidelines on certification as a tool for transfers.

Certifications can be used as a tool for transferring personal data to third countries under Article 46(2)(f) of the EU GDPR where there is no adequacy agreement and are an alternative to standard contractual clauses.

The guidelines provide further clarification on the practical use of this transfer tool including purpose, scope, accreditation requirements for certification bodies, criteria for demonstrating the existence of appropriate safeguards for transfers and the binding and enforceable commitments to be implemented. They complement guidelines 1/2018 on certification, which provide more general guidance.

The guidelines will be subject to public consultation until the end of September 2022.

Back to the top

United Kingdom: UK government calls for views on measures to boost the security of data centres and cloud services

On 26 May 2022, the UK government launched a call for views on measures to enhance the security of data centres and cloud services as part of its National Data Strategy to ensure the security and resilience of the infrastructure on which data relies.

Contributions are invited from data centre operators, cloud platform providers, data centre customers, security and equipment suppliers and cyber security experts to understand the risks data storage and processing services face. The call for views will also ask companies which run, purchase or rent any element of a data centre to provide details of the types of customers they serve.

The government wishes to understand what digital security tools are currently used in other regulated sectors to address security and resilience vulnerabilities. 

Based on the evidence, the Department for Digital, Culture, Media and Sport (DCMS) will decide whether any additional government support or management is needed to minimise the risks that data storage and processing infrastructure face.

The call for views is open until 24 July 2022, and responses will be used to evolve existing government support and develop new policy solutions.

Back to the top

United States: California Privacy Protection Agency releases draft privacy regulations 

On 27 May 2022, the California Privacy Protection Agency (CPPA) – the new state privacy agency established under  the California Privacy Rights Act (CPRA) – published Draft Proposed Regulations (Draft Regulations) ahead of its 8 June 2022 Board meeting.

The Draft Regulations would make a significant number of changes to the CPPA regulations, including:

• Enhanced expectations to prevent dark patterns: The Draft Regulations establish five principles with which methods to submit CCPA requests and to obtain consumer consent must comply. These principles include “easy to understand,” “symmetry in choice,” “avoidance of language or interactive elements that are confusing to the consumer,” “avoidance of manipulative language or choice architecture,” and “easy execution.” The Draft Regulations would treat a violation of these five principles as a “dark pattern.”
• Broad agency enforcement authority: The Draft Regulations would provide the CPPA with broad powers to audit and enforce the CPRA. The CPPA would be permitted to audit any person to ensure compliance with the CPRA and initiate proceedings by sworn consumer complaint or on its own volition. 

For more on the Draft Regulations, take a look at this Engage article by members of Hogan Lovells' Washington, D.C., Denver and Miami offices.

Back to the top

People’s Republic of China: China issues draft specification for certification of cross-border transfers of personal information

On 29 April 2022, the National Information Security Standardisation Technical Committee issued the Draft Guidance on Network Security Standardised Practice – Technical Specification for Certification of Personal Information Cross-Border Processing Activities (Draft Specification), shedding some light on the certification mechanism set out in the Personal Information Protection Law (PIPL) that took effect from 1 November 2021.

The Draft Specification elaborates detailed requirements for the certification. Some key takeaways include:

• Binding agreements between exporters and importers of personal information. Certification in respect of intra-group transfers would require that some form of legally-binding agreement be in place between the data exporter and the offshore recipients. 
• Data Protection Impact Assessments (DPIA). Exporters would be required to carry out DPIA covering, in particular, the potential impact of the foreign legal environment and network security environment on data subject rights.  
• Responsibilities of relevant parties. Notably, the draft specification would require that the onshore party, i.e. the domestic affiliates or the local representative/agency, indemnify data subjects in respect of any losses arising from non-compliance. 

For more on the Draft Specification, take a look at this Engage article by members of Hogan Lovells’ Hong Kong and Beijing offices.

Back to the top

United Kingdom: Beta version of digital identity and attributes trust framework published

On 13 June 2022, the UK government published a beta version of its digital identity trust framework following testing and feedback. The framework is designed to set standards and rules that will foster trust in digital identity products, and will now be the subject of further testing.

The first version of the framework was published in February 2021, and this was replaced by an updated alpha version in August 2021. The beta version differs from the alpha version in the following key ways:

• As it was clear that government licensing was not yet a viable option, the framework now states that providers should gain direct certification via independent certification bodies. Providers can use existing certifications (including against potential scheme rules) to prove compliance.
• There is a requirement that any biometric technology used to verify and authenticate identities must be inclusive, accessible and tested against an industry standard.
• The technical guidance on specific data models has been replaced by an overarching, non-mandatory data scheme to allow for greater flexibility.
• The requirement that providers should only share data with other trust framework participants has been replaced with a requirement for providers to provide information on the services used in their supply chains.
• There is a new requirement for providers to allow users to retake an identity or attributes check if a check fails and there is no suspicion of fraudulent activity.

A data protection impact assessment of the trust framework will be published in due course, and future legislation will provide for a certification trust mark relating to the framework.

Back to the top

United Kingdom: DCMS publishes policy paper on developing outcomes monitoring framework for Plan for Digital Regulation

On 13 June 2022, the UK government's Department for Digital, Culture, Media and Sport (DCMS) published a policy paper on developing an outcomes monitoring framework for the Plan for Digital Regulation (the Plan), published in July 2021.

The policy paper sets out the objectives and outcomes of regulating digital technologies in relation to promoting innovation and competition, keeping the UK safe and secure online, and promoting a flourishing democratic society. In particular, the paper sets out the following objectives on innovation and competition:

• Digital markets are competitive and drive growth across the economy.
• Consumers trust they are treated fairly online and can exercise choice over the services they access.
• The UK has a vibrant digital economy where start-ups and scale-ups can prosper (alongside other firms).
• Businesses and other organisations are able to use data innovatively.

The paper sets out an initial set of indicators and planned next steps to strengthen the evidence base. However, it includes a call for evidence to seek views by 5 September 2022 on what indicators could feed into this work and address evidence gaps.

Back to the top

Singapore: MAS announces additional measures to strengthen the security of digital banking

On 2 June 2022, the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) announced additional measures to further safeguard customers from digital banking scams. These measures complement other measures announced on 19 January 2022.

In consultation with MAS and the Singapore Police Force (SPF), banks are progressively implementing the following additional measures, which will be in full effect by 31 October 2022:

• Requiring additional customer confirmations to process significant changes to customer accounts and other high-risk transactions identified through fraud surveillance;
• Setting the default transaction limit for online funds transfers to S$5,000 or lower;
• Providing an emergency self-service ‘kill switch’ for customers to suspend their accounts quickly if they suspect their bank accounts have been compromised;
• Facilitating rapid account-freezing and fund recovery operations by co-locating bank staff at the SPF Anti-Scam Centre; and
• Enhancing fraud surveillance systems to take into account a broader range of scam scenarios.

To ensure sustained investment in the industry’s anti-scam initiatives, an ABS Standing Committee on Fraud, comprising the seven domestic systemically important banks, will take forward the work of the Anti-Scam Taskforce established in 2020. The Committee will report directly to the ABS Council and will drive the industry’s anti-scam efforts, implement robust measures to safeguard customers, and reinforce public confidence in the security of digital banking.

Back to the top

United Kingdom: CMA publishes report on lessons learned review of Open Banking remedy 

On 27 May 2022, the CMA published the final report of an independent review of the "lessons learned" review of the implementation of the Open Banking remedies, implemented following the CMA's Retail Banking Market Investigation. The review makes seven recommendations to the CMA, which has committed to implementing the recommendations in full. It will publish a further update next year on its progress in implementing a work programme on remedies, which will be shaped by the outcome of the review.

Back to the top

United Kingdom: HM Treasury response to consultation on proposed Senior Managers and Certification Regime for FMIs

On 7 June 2022, HM Treasury published its response following its consultation proposing a Senior Managers and Certification Regime (SM&CR) for financial market infrastructures (FMIs).

Having reviewed the responses, HM Treasury intends to design and implement an SM&CR for central counterparties (CCPs) and central securities depositories (CSDs). The government will legislate to create a new SM&CR ‘gateway’, when parliamentary time allows, which will enable HM Treasury to lay statutory instruments to apply the SM&CR to CCPs, CSDs, and, in the future, potentially to credit rating agencies and recognised investment exchanges.

HM Treasury also intends to legislate to implement an SM&CR for payment systems recognised under the Banking Act 2009 (recognised payment systems) and specified service providers to those recognised payment systems. However, this will be taken forward separately in the light of a forthcoming review of the regulatory perimeter for systemic firms in payments chains by the Bank of England.

HM Treasury does not currently plan to launch any further consultations on the underlying framework for the SM&CR. It will set out further details of its plans to implement the SM&CR for CCPs and CSDs in due course.

Back to the top

United Kingdom: Payment Systems Regulator consults on requirements for further participation in the Confirmation of Payee service 

On 24 May 2022, the Payment Systems Regulator (PSR) published a consultation paper (CP22/2) on requirements for further participation in the Confirmation of Payee (CoP) service.

In CP22/2, the PSR outlines its proposal to give a specific direction requiring approximately 400 payment service providers (PSPs) to implement a system to offer CoP to their customers (both as payers and payees). 

The PSR is keen to see more firms providing CoP protection. It is concerned that PSPs have been slow to implement CoP while there are still many consumers who are not protected from authorised push payment (APP) fraud and misdirected payments.

Because of the volume of PSPs involved, the PSR proposes giving a direction that splits the requirements for PSPs to implement a system to provide CoP into two groups:

• The first group will be prioritised based on the complexity and size of the institution or firm where the adoption of CoP could have the biggest impact in preventing APP fraud. This group consists of almost 50 PSP (listed in Annex 1). They would need to have implemented CoP by 30 June, 2023. This group would see an increase of CoP coverage from 92% of transactions made via Faster Payments to 99%.
• The second group includes all other firms which use either unique sort codes, or that are building societies using a Secondary Reference Data (SRD) reference type. They would need to have implemented CoP by 30 June 2024. This group consists of over 350 PSPs.

Comments can be made on the proposals until 8 July, 2022. If the PSR decides to proceed with the proposed direction, it plans to do so around 8-10 weeks after the July deadline.

Back to the top

Europe: European Payments Council publishes revised versions of SEPA payment scheme rulebooks 

On 25 May 2022, the European Payments Council (EPC) published revised versions of the following Single Euro Payments Area (SEPA) rulebooks:

• 2023 SEPA Direct Debit Core rulebook version 1.0 (EPC016-06), entering into force on 19 November 2023 and applicable up to and including 22 November 2025.
• 2023 SEPA Direct Debit Business-to-Business rulebook version 1.0 (EPC222-07), entering into force on 19 November 2023 and applicable up to and including 22 November 2025.
• 2023 SEPA Instant Credit Transfer rulebook version 1.0 (EPC004-16), taking effect on 19 November 2023 and applicable up to 23 November 2025 8.00 am CET. It has also published Maximum Amount for Instructions under the 2023 SEPA Instant Credit Transfer rulebook version 1.0 (version 3.0) (EPC023-16).
• 2023 SEPA Credit Transfer rulebook version 1.0 (EPC125-05), taking effect on 19 November 2023 and applicable up to and including 22 November 2025.
• SEPA Payment Scheme Management Rules (version 4.5) (EPC207-14), coming into effect on 25 April 2023 and remaining effective until further notice. 

The EPC has also published guidance on the migration to the 2019 version of the ISO 20022-based XML messaging standard (EPC087-22) and guidance to improve transparency for retail payment end-users (EPC088-22).

Back to the top

Europe: European Payments Council launches public consultation on the SEPA Request-to-Pay scheme Rulebook

On 25 May 2022, the European Payments Council (EPC) launched a public consultation on possible modifications to the SEPA Request-to-Pay (SRTP) scheme rulebook. The aim of the consultation is to ensure the SRTP scheme is able to develop with an evolving payments market. The consultation document can be found here. It includes: 

• Change requests submitted by stakeholder representatives including service provider communities and by the EPC’s ad-hoc Request-to-Pay Task Force (RTP TF) for possible modifications to be introduced into the next version (v3.0) of the SRTP scheme rulebook. 
• Change requests received following the 2021 public consultation on the SRTP scheme rulebook version (v1.0) that the RTP TF recommended to revisit in a further version of the SRTP scheme rulebook.
• RTP TF recommendations on the way forward with regard to the individual change requests.

The consultation closes on 26 August 2022.

Back to the top

United Kingdom: FCA consults on expanding dormant assets scheme and Dormant Assets Act 2022 (Commencement) Regulations 2022 come into force

On 13 May 2022, the FCA published a consultation paper (CP22/9) on expanding the dormant assets scheme (Scheme).

The Scheme allows banks and building societies to pay dormant monies to an authorised reclaim fund which then puts this money towards funding good causes. The FCA has been working with HM Treasury and Reclaim Fund Ltd (RFL) to expand the Scheme. In the light of this work, the FCA is proposing amendments to its rules and guidance to enable insurance, pension and securities firms to contribute dormant assets to an expanded Scheme.

The FCA will continue to work with HM Treasury, RFL and the industry to facilitate expansion of the Scheme for investment assets and client money. It has agreed to a staggered approach to expanding the Scheme to reflect differences between the different asset classes and their resolution processes.

Comments could be made on CP22/9 until 17 June 2022. The FCA hopes to finalise its proposals in July 2022.

On 27 May 2022, the Dormant Assets Act 2022 (Commencement) Regulations 2022 were published. The Regulations, which were made on 24 May 2022, bring into force on 6 June 2022 those provisions of the Dormant Assets Act 2022 that were not already in force, including the provisions relating to securities assets (sections 14 to 17) which, briefly, provide for the inclusion within the scope of the Scheme of the proceeds and distributions from dormant shares in public limited companies traded on a UK-regulated market or UK multilateral trading facility and unclaimed proceeds from corporate actions.

Back to the top

United Kingdom: FCA provides more information on decision not to amend PARs Linked Services List

On 19 May 2022, the FCA updated its webpage on its Linked Services List under the Payment Accounts Regulations 2015 (PARs). It announced in April 2022 that, following a review, it would not update the list.

The FCA has now provided more information on stakeholder feedback to its review and next steps for firms. Among other things, while stakeholders felt that the list was generally appropriate, some suggested the FCA could consider adding further services and some suggested that services like cancelling a cheque have become an outdated payment method and should be removed from the list. 

The FCA confirms that it will review the list again within four years, so by April 2026.

Back to the top

United Kingdom-Japan: UK and Japan launch Financial Regulatory Forum

On 10 June 2022, HM Treasury and the Financial Services Agency of Japan (JFSA) published a joint statement on the first meeting of the UK-Japan Financial Regulatory Forum, which was held on 9 June 2022.

The Forum is responsible for steering financial regulatory co-operation between the UK and Japan. Annex 8-A to the UK-Japan Comprehensive Economic Partnership Agreement (CEPA), which was signed in October 2020, contains provisions on the establishment of the Forum.

HM Treasury and the JFSA have also published an exchange of letters (also dated 9 June 2022) setting out a framework for regulatory co-operation, as envisaged in Annex 8-A. 

HM Treasury and the JFSA have operationalised the provisions in Annex 8-A that provide for the establishment of working groups to bring experts together to examine specific issues of mutual interest. They have agreed to establish a number of working groups, including one on innovation. This group will share expertise on payments, cryptoassets and financial innovation. It will consider how to support more innovative firms to establish and grow and how licensing and authorisation processes could be improved.

Back to the top

Global: World Bank publishes Fintech and Future of Finance Report 

On 17 May 2022, the World Bank published a paper on Fintech and the Future of Finance. 

The report explores the digital transformation underway in financial services and the implications of fintech on market outcomes, as well as regulation and supervision. It looks at the range of new market providers, business models, and products which have amplified the need for updated legal, regulatory and supervisory frameworks.

The report aims to be a useful guide for policymakers around the world as they seek to manage long-standing risks, and maximise the economic and social benefits of financial innovation.

Back to the top

United Kingdom: Treasury Committee report on future of financial services regulation

On 16 June 2022, the House of Commons Treasury Committee published a report on the future of financial services regulation.

The committee's conclusions and recommendations relate to issues including:

• Regulatory objectives and priorities: The FCA and the PRA should have a secondary objective to promote long-term economic growth designed to consider how financial services serve the ‘real economy’. 
• Retained EU law: HM Treasury and the regulators should publish a schedule of approximately when they expect each EU financial regulatory file to move across to the regulators' rulebooks, including timelines for consultation and when they expect the overall project to conclude.

Back to the top

United Kingdom: House of Commons European Scrutiny Committee launches post-Brexit regulatory divergence inquiry

On 14 June 2022, the House of Commons European Scrutiny Committee announced the launch of its new inquiry into regulating after Brexit and invited interested parties to submit written evidence by 22 July 2022.

The Committee observed that the UK government has made post-Brexit regulatory reform a priority. Alongside the Retained EU Law Bill, the Queen's Speech 2022 announced forthcoming legislation in the areas of agriculture, financial services and data, and the Committee considers it likely that other important sectors of the economy will be affected by the government's plans. The inquiry seeks to understand the views of affected stakeholders on questions such as:

• In which sectors is the UK well placed to diverge from the EU, and in which areas might divergence prove more challenging?
• Where and how should the UK diverge from EU rules in the priority sectors highlighted by the Committee (agriculture, data and financial services)? Are there any specific examples of retained EU law that should be kept, revoked, or revoked and replaced? What are the likely cost and resource implications of divergence and how can these be effectively managed?
• Should the government take a particular approach to regulating? Should the government give priority to legislation or use other methods such as self-regulation?

Back to the top

United Kingdom: Financial Ombudsman Service  discussion paper on its future funding model

On 14 June 2022, the Financial Ombudsman Service (FOS) published a discussion paper on creating a funding model for the future, which sets out possible changes to how the FOS is funded. The FOS is committed to considering revisions to its funding model, including those that might incentivise constructive behaviour by the industry, to resolve cases more quickly, and to ensure the financial sustainability of the FOS. 

Options for a future funding structure include introducing a differentiated case fee model to reflect the range of case complexity. The paper also sets out a plan for charging different case fees according to the stage the case has reached before it is resolved. 

The paper contains potential ideas on long-term funding issues that focus on charging professional representatives (i.e. claims management companies) a fee to bring complaints, offering a discount for cases resolved in batches and introducing supplementary fees for uncooperative firms.

The consultation closes to comments on 5 August 2022.

Back to the top

Europe: Eurogroup agrees on key elements for reforms to CMDI framework

On 16 June 2022, the Council of the EU published a statement made by the Eurogroup (the finance ministers of EU member states in the eurozone) on the future of the Banking Union.

In the statement, the Eurogroup states that work on the Banking Union should focus on strengthening the EU bank Crisis Management And Deposit Insurance (CMDI) framework. The Eurogroup has agreed on the broad elements that it considers should underpin a strengthened CMDI framework, including further harmonisation of the use of national Deposit Guarantee Schemes (DGSs) in crisis management, while ensuring appropriate flexibility for facilitating the market exit of failing banks in a manner that preserves the value of the bank's assets. There should be a harmonised least-cost test, administered by national authorities, to govern the use of DGS funds outside payout to covered depositors.

The Eurogroup states that, following the focus on revisions to the CMDI, it will identify "in a consensual manner" possible further measures with regard to the other outstanding elements to strengthen and complete the Banking Union. 

The European Commission has indicated that it intends to adopt legislative proposals to revise the CMDI framework later in 2022.

Back to the top

Payment Market Developments     

Global: Stripe expands bank transfer offering to businesses in the EU, UK and Mexico 

On 20 June 2022, Stripe announced it is expanding its bank transfer offering, which was only previously available to businesses in Japan, to businesses in the UK, the EU and Mexico. The bank transfer launch aims to take the friction out of bank transfers, saving time and resources for users.

Back to the top

Global: MoneyGram allows users in the U.S., Canada, Kenya and the Philippines to buy cryptocurrency using cash

On 10 June 2022, MoneyGram announced its partnership with the Stellar Development Foundation, which will enable users in the U.S., Canada, Kenya and the Philippines to buy cryptocurrency using cash, as well as withdraw crypto holdings in cash. Digital wallet users will be able to move cash to cryptocurrency without requiring a bank account or credit card.

Back to the top

South America: Visa launches its first crypto cards in Latin America 

On 13 June 2022, Visa announced the launch of its first crypto card in Latin America. This new offering will allow customers to make purchases in local fiat anywhere that Visa is accepted, purchase cryptoassets with existing credentials, and receive cashback in Bitcoin or other digital currencies. 

Back to the top

Europe: Marqeta and Western Union partner to allow remittance services to be offered online

On 6 June 2022, Marqeta and Western Union announced their European partnership, which will enable Western Union’s entire remittance service to be offered online, with funds to be disbursed to a physical or virtual Visa card.

Back to the top

United States: Paypal supports transfer of bitcoin and cryptocurrency to external wallets for U.S. customers 

On 7 June 2022, Paypal announced its users will be able to transfer, send and receive cryptocurrencies between PayPal and other wallets and exchanges. This will allow users to send crypto to family and friends on PayPal in seconds, with no fees or network charges.

Back to the top

United States: Checkout.com announces launch of stablecoin settlement solution

On 7 June 2022, Checkout.com announced its partnership with FireBlocks, which will offer merchants the flexibility of 24/7 stablecoin settlement. This will give merchants around-the-clock access to liquidity.

Back to the top

Saudi Arabia: MoneyGram partners with Mobily Pay to reach millions of new mobile users in Saudi Arabia

On 2 June 2022, MoneyGram announced their partnership with Mobily Pay, to launch MoneyGram’s international transfer capabilities on Mobily Pay. This will enable millions of consumers in Saudi Arabia to use the Mobily Pay mobile wallet to send money around the world in near real-time.

Back to the top

Global: Mastercard launches its biometric payment system trial in retail stores

On 17 May 2022, Mastercard launched its new Biometric Checkout Program globally. Once consumers are enrolled in the programme, they can pay for products using facial recognition technology, allowing them to pay with a smile or a wave.

Back to the top

Europe: TrustPay launches SEPA instant payments 

On 12 May 2022, it was reported that TrustPay has launched Single European Payments Area (SEPA) instant payments. This will enable TrustPay clients to make instant transactions with the immediate settlement of funds.

Back to the top

Global: Revolut brings international transfers to five new countries 

On 15 June 2022, it was reported that Revolut is launching a streamlined version of its app in 5 new countries – Sri Lanka, Chile, Ecuador, Azerbaijan and Oman - allowing customers to transfer money to over 50 countries using more than 30 currencies. 

Back to the top

Ghana: Bank of Ghana launches mobile wallet GhanaPay 

On 15 June 2022, the Bank of Ghana announced the launch of GhanaPay, a mobile wallet open to the country’s financial services sector. The launch accelerates Ghana’s migration to electronic payments.

Back to the top

Surveys and Reports

Global: Biometric mobile payments to reach $1.2 trillion globally by 2027

On 30 May 2022, Juniper Research published a new study which found the value of biometrically authenticated remote mobile payments will reach $1.2 trillion globally by 2027, rising from $332 billion in 2022.

These transactions will use biometrics, typically facial and fingerprint recognition, to authenticate remote mobile payments. This growth of 365% will be driven by recent regulatory changes, with the introduction of Strong Customer Authentication (SCA) pushing greater adoption.

The SCA requirement under PSD2 has pushed financial institutions to implement biometric authentication. To meet this requirement, financial institutions have capitalised on smartphone biometric authentication capabilities which has accelerated the technology’s adoption. 

The research found that the volume of biometrically authenticated remote mobile payments will grow by 383% over the next five years, reaching 39.5 billion globally by 2027.

Back to the top

Global: 96% of UK consumers have used contactless payments in the last year 

On 26 May 2022, Marqeta published their 2022 State of Consumer Money Movement Report, providing an in-depth look into consumer preferences in terms of how they bank, pay and shop two years into the pandemic. 

The report surveyed 4,000 consumers in the U.S., UK and Australia.

The survey shows the increasing prevalence of mobile wallets, on-demand delivery and cryptocurrency purchase preferences:

• 71% of U.S. consumers surveyed used a mobile wallet in the last 12 months;
• 56% of U.S. consumers surveyed felt comfortable leaving their wallets at home and taking their phones with them to make payments; 
• 38% of U.S. consumers surveyed own cryptocurrency;
• 96% of UK consumers have used contactless payments in the last year; and 
• 77% of Gen Z favour contactless payments. 

Back to the top

United Kingdom: 13 million adults in the UK are hesitant to invest in cryptocurrency due to low trust  

On 16 May 2022, it was reported that TMT Analysis has published research revealing that the UK’s crypto market is missing out on 13 million new customers due to its perceived lack of security.

The research showed that a quarter of UK adults declared they would be willing to invest, or invest more, in crypto if they could be reassured about their security concerns around the market. There remains considerable scepticism amongst potential investors which is holding back market growth. Over half (54%) of UK adults distrust cryptocurrencies as they do not believe the security processes in place are robust enough to protect investors. Similarly, almost two-thirds (63%) of UK adults aged over 55 are concerned over the security measures of crypto exchanges, compared to under half (42%) of 18-34 year olds.  

The report concludes that without enhancing security measures, crypto businesses are at risk of failing to fulfil their potential. 

Back to the top

Authored by Virginia Montgomery and Julie Patient

Hogan Lovells (Luxembourg) LLP is registered with the Luxembourg bar.