Financial Markets Regulatory Outlook 2018

Following the release of our flagship annual Regulatory Outlook at the start of 2018, the EMEA Centre for Regulatory Strategy are pleased to provide this mid-year update, which details what has transpired in financial regulation over the first half of 2018 and what’s left to come.

The findings at a glance

In the six months following the publication of our Regulatory Outlook 2018, a lot has happened.

• Meeting multiple regulatory deadlines. MIFID II, PRIIPs, BMR and GDPR are now live, with IDD still to come later in the year. With implementation deadlines now largely passed, supervisory attention will turn to more concerted oversight of compliance.
• Preparing for Brexit. Whilst a transition period was agreed at a political level, the fact that this is not yet legally binding means most firms have continued to execute their current contingency planning. Firms relocating to the EU27 are looking to either bulk up existing entities or establish new ones, and ensure they have the necessary infrastructure and personnel in place ahead of March 2019. 
• Supervisory spotlight on business models. Business models have continued to attract attention, with supervisory analysis increasingly incorporated into business as usual supervision and thematic review work. The ECB has completed its review of bank business models, but is not expected to publish its findings, while the FCA’s work on business models continues.
• Data protection, innovation and good customer outcomes. While May’s GDPR deadline drew significant attention to firms’ data protection approaches, we have also seen regulators increase their scrutiny over firms’ use of AI, with the FCA and PRA both having published papers outlining their expectations of firms’ governance and risk management of algorithmic trading. The European Commission also announced that it will develop its approach to AI by the end of 2018. 
• Customer vulnerability. The FCA has moved to incorporate consumer vulnerability into its day-to-day regulatory approach. Its review of high-cost-credit saw it propose a price cap for rent to own products, and we expect to see a similar rationale inform the outcome of other work on overdrafts and access to travel insurance. 
• Cyber risk and resilience. The ECB published its TIBER framework, published a consultation on its CROE for FMIs, and launch its Euro Cyber Resilience Board.  The FCA listed “data security, resilience and outsourcing” as a cross-sector priority in its business plan, while later in the year the SSM is expected to publish its cyber expectations for the banks it supervises.

Managing risks from internal models. We have seen a range of developments relating to firms’ internal models. EIOPA reaffirmed its plans to increase the scope of its work on model convergence, and in May published its first study on market and credit risk modelling. In the banking sector, the ECB has continued with its TRIM exercise, which we expect to continue into 2019.