Regulation in 2019: Our outlook
SM&CR is one of the biggest changes on the horizon for 2019 and could potentially cause a compliance headache for the advisory sector. We share our outlook on this regime and others for the year ahead.
Here you will find all our latest white papers, news and expert perspectives on the regulatory issues that affect you.
Findings from the FCA’s cyber and technology resilience survey
During 2017 and 2018 the FCA surveyed 296 firms to assess their technology and cyber capabilities, particularly around governance, change management, managing third party risks and cyber defences.
The survey highlighted:
The cyber and technology resilience of the UK’s financial services industry
In Megan Butler’s latest speech, the Executive Director of Supervision – Investment, Wholesale and Specialists discussed how resilient the industry is to cyber-attacks and technology outages.
The main focus of her speech was on how firms manage the risks that arise from the increasing use of technology. Between January and October 2018, there was a 138% increase in the number of technology outages reported to the FCA, with 18% being cyber-related. However, the test of a firm’s resilience isn’t in the absence of incidents, it’s how effectively those incidents are managed.
The regulator is concerned that firms do seem overconfident in their ability to manage IT change management programmes and systems maintenance, judging by responses to the FCA’s latest survey.
So, what does the FCA expect firms to do? The main thing is to find a solution that works for the individual firm. In the regulator’s experience, the best prepared firms are those that employ a three lines of defence model. One of the challenges, however, is ensuring the Board and senior managers have the right skills and knowledge to understand the risks posed by the technology used across the firm.
On the subject of cyber-resilience, Ms Butler highlights that there are still vulnerabilities in areas such as the identification of key assets, quality of information and detection of cyber-attacks. This comes down to weaknesses in systems and controls.
FCA publishes further Brexit consultation
The FCA has published a further consultation on proposals to prepare for the possibility of leaving the EU without an implementation. It covers a number of Handbook and binding technical standards (BTS) amendments that weren’t consulted upon in the October paper, including:
FCA issues Impact Assessment on EU withdrawal
The Treasury select committee requested to see the FCA’s assessment of the impact of the UK leaving the EU. Now the regulator has responded with an impact assessment paper, which focuses on three key area areas:
Read our full executive summary here.
FCA will delay launch of Credit Information Market Study
The FCA has announced that it is delaying the launch of its Credit Information Market Study. This is because the regulator has had to prioritise its market study on general insurance pricing. The regulator remains committed to delivering the market study and will publish terms of reference in June 2019.
In its work on assessing creditworthiness in the consumer credit market, the FCA sought industry views on access to, and use of, credit information. This included the timeliness, coverage and accuracy of data provided by credit reference agencies. There is a risk that consumers may experience harm if credit information isn’t shared and maintained effectively. The FCA will explore this risk further and if necessary, explore potential remedies in its market study.
Investment scammer jailed for five years following FCA prosecution
An investment scammer who defrauded investors of nearly £3 million through unauthorised investment schemes has received a five year prison sentence.
The schemes, which were operated between 2008 and 2017, were buoyed by a ‘pack of lies’ that defrauded the scammer’s friends and family. Of the £3 million handed to him, the scammer invested only £8,000, making a loss of £2,450, with £1 million put aside to fuel his own lifestyle.
The ruse was maintained by investors receiving returns upon their request when in reality it was just money from other victims. Correspondence from brokerages and banks was also forged, with pretend email addresses created to keep the illusion going.
The scammer was not FCA authorised and 17 of the 24 investors, who lost around £1.8 million between them, will only get limited compensation from funds restrained by the FCA.