On 6 January 2025, the European Securities and Markets Authority (ESMA) updated its Q&A on Alternative Investment Fund Managers Directive (AIFMD).

Are AIFMs allowed to delegate portfolio or risk management to non-supervised undertakings established outside of the EU?

No. 

Under point (d) of Article 20(1) of Directive 2011/61/EU, the delegation of portfolio or risk management functions to an undertaking established outside the EU requires that cooperation between the national competent authorities of the AIFM's home Member State and the supervisory authority of the third-country undertaking is ensured. Article 78(3) of Commission Delegated Regulation (EU) No 231/2013 sets out the minimum conditions necessary to ensure this cooperation.

Are AIFMs permitted to hold client money, taking into account also the wording of Article 6(4)(b)(ii) of the AIFMD? Will the situation change in light of the legislative amendments introduced following the AIFMD Review (Directive 2024/927/EU)?

No. 

Article 6(4)(b)(ii) of AIFMD states that an AIFM may be authorized to provide safekeeping services in relation to shares or units of funds but does not permit AIFMs to safekeep clients’ money. Such a service is, therefore, not compatible with Article 6(4)(b)(ii) of AIFMD. The situation will not change as a result of the extension of the scope of ancillary services under Article 6(4)(b) of the revised AIFMD (Directive (EU) 2024/927).

On 16 January 2025, the European Banking Authority (EBA) and European Securities and Markets Authority (ESMA) published a Joint Report on recent developments in crypto-assets, analysing decentralised finance (DeFi) and crypto lending, borrowing and staking.

EBA and ESMA find that DeFi remains a niche phenomenon, with value locked in DeFi protocols representing 4% of all crypto-asset market value at the global level. The report also sets out that EU adoption of DeFi, while above the global average, is lower than other developed economies (e.g. the US, South Korea).

EBA and ESMA observe that the number of DeFi hacks and the value of stolen crypto-assets has generally evolved in correlation with the DeFi market size. Since flows on decentralised exchanges represent 10% of spot crypto trading volumes globally, DeFi protocols present significant risks of money laundering and terrorist financing (ML/TF).

EBA and ESMA find the implications of maximal extractable value (MEV) on DeFi markets are widespread in DeFi and negative externalities of MEV would require technical solutions.

On the lending, borrowing and staking of crypto-assets, the report contains an analysis of the main types and typical features of the business models observed in the market, in both centralised and decentralised forms. These services are offered by a number of crypto-asset service providers (CASPs) in EU jurisdictions which in some cases also offer regulated crypto-asset services.

Based on the existing (limited) evidence, there appears to be limited engagement of EU consumers and financial institutions with crypto lending, borrowing and staking services. The report sets out and assesses the specific risks associated with each of them, such as excessive leverage, information asymmetries, exposure to ML/TF risks, and systemic risks arising from re-hypothecation and collateral chains, procyclicality and interconnectedness. In particular, some users may receive insufficient information on the terms and conditions of these services in areas such as fees, interest rates paid or yields, changes to collateral requirements, among other relevant disclosures. However, EBA and ESMA have not identified current risks from a financial stability perspective.

On 17 January 2025, the European Securities and Markets Authority (ESMA) updated its Q&A on Market in Crypto Assets regulation (MiCA).

The question contained in the update is as follows:

• Regarding ARTs or EMTs under MiCAR, what services provided in or into the EU constitute an offering to the public, a seeking admission to trading or a placing of an ART or EMT?
  Since the application of Titles III and IV of MiCA on 30 June 2024, any issuer of an asset-referenced token (ART) or e-money token (EMT) offered to public or admitted to trading in the Union will have to be authorised in the EU in accordance with Article 16(1) and Article 48(1), subject to the transitional provisions relating to ARTs referred to in Article 143(4) and (5) of MiCA.
  While the first sub-paragraph of Article 16(1) and Article 48(1) prohibits offering to public or seeking admission to trading unless the offeror or person seeking admission to trading is an authorised issuer complying with MiCA, the same applies to offering to public or seeking admission to trading by persons other than the issuer under the second subparagraphs of Article 16(1) and Article 48(1). Other persons than the issuer may offer to public or seek admission to trading of an ART or EMT, if the following conditions are met:
• the issuer of the ART or EMT is authorised in the EU in accordance with Article 16(1) or Article 48(1), respectively;
• the person must obtain a written consent from the issuer.

It follows from both first and second sub-paragraphs of Article 16(1) and 48(1) that offering to public or seeking admission to trading of ARTs or EMTs is only possible if the issuer of such tokens is authorised under MiCA.

Providing certain crypto-asset services amounts to an offering to public or seeking admission to trading. In particular, operators of trading platforms for crypto-assets that list ARTs or EMTs for which the issuer has not been authorised under MiCA are to be considered as persons seeking admission to trading on the own initiative of the operator under Articles 16(1) or Article 48(1).

Other crypto-asset services could also constitute an offering to the public, which requires a case-by-case assessment. For instance, providers of crypto-asset services engaged in exchange services, reception and transmission of orders or execution services could be regarded as making an offer where they promote or advertise, as part of these services, an ART or EMT.

Provision of crypto-asset services with respect to ARTs and EMTs that amounts to offering to public or admission to trading in non-compliance with Titles III and IV has been prohibited since 30 June 2024. This is the case also if the ARTs or EMTs had been first offered to public or admitted to trading before the application of Titles III and IV and continue to be offered to public or admitted to trading.

On 31 January 2025, the European Securities and Markets Authority (ESMA) published a supervisory briefing on the authorisation of Crypto Asset Service Providers (CASPs) under Markets in Crypto-Assets Regulation (MiCA).

The briefing, developed in close cooperation with National Competent Authorities (NCAs), promotes convergence and prevents regulatory arbitrage, providing concrete guidance about the expectations on applicant CASPs, and on NCAs when they are processing the authorisation requests. 

For example, the briefing contains clear guidance on: 

• Substance and governance and the ability of CASPs offering their service in the EU to operate autonomously and with sufficient in-country personnel.
• Outsourcing and the effective limits to set regarding the externalisation of functions and services. 
• Suitability of personnel and the importance for CASPs, and particularly its executive management, to demonstrate effective technical knowledge of the crypto ecosystem.

The guidance in the briefing helps NCAs, applicants and the general public to operationalise MiCA and RTS obligations into concrete controls and checks. Consequently, it serves to maintain a strong regulatory framework characterised by a consistent, effective, and forceful supervision.

NCAs are expected to apply the principles in the supervisory briefing during authorisation procedures, as well as ensure continued adherence for CASPs once they have been authorised.

On 30 January 2024, the European Commission published a letter to ESAs rejecting the RTS on subcontracting ICT services supporting critical or important functions under DORA.

On 17 July 2024, the ESAs sent the Commission a draft Delegated Regulation supplementing DORA with regard to regulatory technical standards on subcontracting ICT services supporting critical or important functions (RTS). The draft RTS specifies the elements that a financial entity has to determine and assess when subcontracting ICT services supporting critical or important functions.

The Commission notes that the draft RTS specifies the conditions and the criteria to be taken into account by financial entities when subcontracting ICT services supporting critical or important functions throughout the lifecycle of contractual arrangements between financial entities and ICT third-party service providers. In particular, financial entities are required to assess the risks associated with subcontracting during the precontractual phase, including the due diligence process. Furthermore, the RTS includes requirements for the implementation and management of contractual arrangements on subcontracting, including conditions to ensure that financial entities monitor the subcontractors effectively underpinning the ICT services that support critical or important functions.

The Commission considers that the requirements introduced by Article 5 of the draft RTS on the “Conditions for subcontracting relating to the chain of ICT subcontractors providing a service supporting a critical or important function by the financial entity” go beyond the empowerment given to the ESAs by Article 30(5) of DORA as introducing requirements not specifically linked to the conditions for subcontracting.

Against this background, the Commission rejects the draft RTS on mainly one specific aspect, namely that the content of the provisions relating to the monitoring of the subcontracting chain is not within the scope of the mandate set out in Article 30(5) of DORA. The Commission therefore considers that Article 5 and the related recital 5 are to be removed from the draft RTS to ensure its compliance with the mandate. Finally, the draft RTS contains targeted drafting amendments that do not affect the substance of the act and are aimed at improving the quality of the legal act.

The Commission intends to adopt the RTS submitted by the ESAs once the above-mentioned concerns are taken into account and the necessary modifications are made by the ESAs.

As per Article 10(1), sub-paragraph 5 of Regulation (EU) No 1095/2010, as amended, Article 10(1), sub-paragraph 5 of Regulation (EU) No 1094/2010, as amended, and Article 10(1), sub-paragraph 5 of Regulation (EU) No 1093/2010, as amended, where the Commission intends to adopt a draft RTS in part or with amendments, it shall send the draft RTS back to the Authority, explaining the reasons for its amendments, and within a period of 6 weeks, the Authority may amend the draft RTS on the basis of the Commission’s proposed amendments and resubmit it in the form of a formal opinion to the Commission.

On 22 January 2025, the European Supervisory Authorities (ESAs) published Commission’s guidance on the definition of ICT services under the Digital Operational Resilience Act (DORA).

The definition of ‘ICT services’ in Article 3(21) of Regulation (EU) 2022/2554 intentionally maintains a broad scope. Recital (35) of Regulation (EU) 2022/2554 indeed clarifies that, with the aim of maintaining a high level of digital operational resilience, the definition of ICT services should be understood in a broad manner to the extent that such services encompass digital and data services provided through ICT systems on an ongoing basis. Therefore, financial entities are responsible for undertaking an assessment on this basis to determine whether the services they rely on are ICT services, as defined under Article 3(21) DORA. Such assessment should be performed taking into account the clarifications from DORA Recital (63), which specifies that DORA should cover a wide range of ICT third-party service providers, including financial entities providing ICT services to other financial entities, and without prejudice to sectoral regulations applicable on regulated financial services.

Financial services may entail an ICT component. In the case that financial entities provide ICT services to other financial entities in connection to their financial services, the receiving financial entities should assess whether i) the services constitute an ICT service under DORA, and ii) whether the providing financial entities and the financial services they provide are regulated under Union law or any national legislation of a Member State or of a third country. In case both tests are positive, then the related ICT service should be considered to predominantly be a financial service and should not be treated as an ICT service within the meaning of DORA Article 3(21).

In case the service is provided by a regulated financial entity providing regulated financial services but is unrelated or is independent from such regulated financial services, the service should be considered as an ICT service under Article 3(21) DORA. 

The same rationale applies to ancillary services provided by an entity, depending on whether such ancillary services are regulated financial services or a service inseparable from, indivisible from, preparatory or necessary for the provision of a regulated financial service, and are not provided in a standalone manner. 

The clarification about the difference between financial services and ICT services is without prejudice to the requirements applicable to financial entities under DORA, other than the requirements related to ICT third-party risk management.

On 7 January 2025, the European Securities and Markets Authority (ESMA) published a Final Report on the Guidelines on stress test scenarios under the Money Market Funds (MMF) Regulation.

Article 28 of the MMF Regulation provides that ESMA shall develop guidelines with a view to establishing common reference parameters of the stress test scenarios to be included in the stress tests that MMFs or managers of MMFs are required to conduct. These guidelines are updated at least every year taking into account the latest market developments. ESMA published the latest update of these guidelines on 19 December 2023 and their translation on 6 March 2024 (2023 Guidelines also referred to as ESMA34-49-495).

This 2024 final report includes:

• Additional explanation on the way to report the results of the macro systemic shocks (section 4.8 of the Guidelines)
• Updated guidelines and risk parameters, so that managers of MMFs have the information needed to fill in the reporting template mentioned in Article 37 of the MMF Regulation (section 5 of the Guidelines)

The annex of this report contains the full text of the updated guidelines and the calibration of the scenarios for 2024 (updates in red).

The Guidelines in the annex of this report will be translated into the official EU languages and published on the ESMA website. The publication of the translations will trigger a two-month period during which NCAs must notify ESMA whether they comply or intend to comply with the guidelines.

The updated guidelines in this final report, including the new 2024 parameters, will apply 2 months after the publication of the translations of the Guidelines. After the start of the application of the updated guidelines, managers will have to report the results of the new parameters to NCAs with their quarterly reports, for the purpose of the reporting referred to in Article 37 of the MMF Regulation and set out in Commission Implementing Regulation (EU) 2018/708. Until then, managers should use the parameters set in the 2023 Guidelines and report the results accordingly.

On 14 January 2025, the European Securities and Markets Authority (ESMA) published a seventh market report on the costs and performance of EU retail investment products.

Despite this decline the cost levels of funds in the EU remain high by international standards. With more than 50,000 funds and an average fund size almost 10 times smaller than that of for example US mutual funds, EU funds do not exhaust the economies of scale commensurate with the EU’s single market. The market inefficiencies revealed by this higher cost level shows the need to focus on the competitiveness of EU markets, within a future Savings and Investments Union.

The key findings in the report are:

• Costs have declined, but investors should continue to consider fund fees carefully in their investment decisions – especially since costs have not dropped for all categories of funds: ongoing costs of mixed funds and equity passive funds have been relatively stable over time. 
• Returns progressed in 2023 but remained far from their 2021 levels. The annual net performance of bond and mixed funds improved between 2022 and 2023 but remained in negative territories.
• Ongoing costs of retail ESG funds remain lower or similar to the ongoing costs of non-ESG equivalents. Overall, ESG funds outperformed their non-ESG equivalents in 2023. This hides some disparities across asset classes: non-ETF equity ESG funds outperformed, while equity ETF, fixed income and mixed ESG funds underperformed.
• The market for Alternative Investment Funds remained dominated by professional investors and is less invested by retail investors compared with the UCITS market. The share of retail investors decreased between 2022 and 2023: from 14% to 11%. In 2023, annualised gross and net performance improved significantly compared with 2022, with all fund strategies having positive returns.
• In 2023, the share of products referencing interest rates and inflation rose to around one fifth of sales volumes, a sharp increase from 2022. This trend followed higher interest rates and inflation. Costs – largely charged in the form of subscription fees – fell in 2023 for some common product types, although they vary substantially by payoff type and country. Structured Retail Products that matured in 2023 consistently delivered positive returns in gross terms, but these figures do not consider the incidence of costs paid by investors.

This report aims at facilitating increased participation of retail investors in capital markets by providing consistent EU-wide information on cost and performance of retail investment products. Improvements in data availability continue, but significant data issues persist. 

Following the review of the AIF managers directive and the UCITS directive, ESMA has been mandated to produce a report on costs linked to investment in UCITS and AIFs. For the purpose of this report, ESMA launched a data collection exercise together with the national competent authorities. This analysis will be part of an enhanced 2025 ESMA market report on costs and performance of EU retail investment products that is expected to bring new insights and more granular information on fund costs.

On 29 January 2025, the European Commission published the Competitiveness Compass, the first major initiative of this mandate providing a strategic and clear framework to steer the Commission's work.

The Compass sets a path for Europe to become the place where future technologies, services, and clean products are invented, manufactured, and put on the market, while being the first continent to become climate neutral.

Over the last two decades, Europe has not kept pace with other major economies due to a persistent gap in productivity growth. The EU has what is needed to reverse this trend with its talented and educated workforce, capital, savings, Single Market, unique social infrastructure, provided it acts urgently to tackle longstanding barriers and structural weaknesses that hold it back.

The Draghi Report identified three transformational imperatives to boost competitiveness, and the Compass sets out an approach and a selection of flagship measures to translate each of these imperatives into reality:

• Closing the innovation gap,
• A joint roadmap for decarbonisation and competitiveness,
• Reducing excessive dependencies and increasing security.

The three pillars are complemented by five horizontal enablers, which are essential to underpin competitiveness across all sectors:

• Simplification: This enabler aims at reducing drastically the regulatory and administrative burden. It also involves a systematic effort to make procedures for accessing EU funds and getting EU administrative decisions simpler, faster, and lighter. The upcoming Omnibus proposal will simplify sustainability reporting, due diligence, and taxonomy. Furthermore, the Commission will facilitate doing business for thousands of small mid-cap companies. The Compass sets a target of cutting by at least 25% the administrative burden for firms and by at least 35% for SMEs.
• Lowering barriers to the Single Market: For 30 years, the Single Market has been Europe's tried and tested engine for competitiveness. To improve its functioning across all industries, a Horizontal Single Market Strategy will modernise the governance framework, removing intra-EU barriers and preventing the creation of new ones. In addition, the Commission will take the opportunity to make standard-setting processes faster and more accessible, in particular for SMEs and start-ups.
• Financing competitiveness. The EU lacks an efficient capital market that turns savings into investments. The Commission will present a European Savings and Investments Union to create new savings and investment products, provide incentives for risk capital, and ensure investments flow seamlessly across the EU. A refocused EU budget will streamline access to EU funds in line with EU priorities.
• Promoting skills and quality jobs. The foundation of Europe's competitiveness is its people. To ensure a good match between skills and labour market demands, the Commission will present an initiative to build a Union of Skills focusing on investment, adult and lifelong learning, future-proof skills creation, skill retention, fair mobility, attracting and integrating qualified talent from abroad and the recognition of different types of training to enable people to work across our Union.
• Better coordination of policies at EU and national level. The Commission will introduce a Competitiveness Coordination Tool, which will work with Member States to ensure implementation at EU and national level of shared EU policy objectives, identify cross-border projects of European interest, and pursue related reforms and investments. In the next Multiannual Financial Framework, a Competitiveness Fund will replace multiple existing EU financial instruments with similar objectives, providing financial support to the implementation of actions under the Competitiveness Coordination Tool.

On 9 January 2025, the European Banking Authority (EBA) published its final Guidelines on the management of Environmental, Social and Governance (ESG) risks.

The Guidelines set out requirements for institutions for the identification, measurement, management and monitoring of ESG risks, including through plans aimed at ensuring their resilience in the short, medium and long term.

The Guidelines specify requirements regarding the internal processes and ESG risk management arrangements that institutions should have in place in accordance with the Capital Requirements Directive (CRD6). They will contribute to ensuring the safety and soundness of institutions as ESG risks intensify and the EU transitions towards a more sustainable economy.

The Guidelines specify the content of plans to be prepared by institutions with a view to monitoring and addressing the financial risks stemming from ESG factors, including those arising from the adjustment process towards the objective of achieving climate neutrality in the EU by 2050. These plans will support the preparedness of institutions for the transition and should be consistent with transition plans prepared or disclosed by institutions under other pieces of EU legislation.

The Guidelines will apply from 11 January 2026 except for small and non-complex institutions for which the Guidelines will apply at the latest from 11 January 2027.

On 8 January 2025, the European Securities and Markets Authority (ESMA) published the 2024 European Single Electronic Format (ESEF) XBRL taxonomy files?and an update to the ESEF Conformance Suite to facilitate the implementation of the ESEF Regulation.

ESMA aims to support the implementation of the ESEF by providing XBRL taxonomy files and Conformance Suite test files that align with the requirements of the 2024 draft update to the ESEF Regulation and the 2024?update to the ESEF Reporting Manual.

The publication intends  to assist software vendors and issuers in preparing the 2024 IFRS consolidated financial statements using the most updated version of the ESEF format.  It will also facilitate EU issuers listed on US capital markets (known as ‘Foreign Private Issuers’) in meeting their reporting obligations with the US Securities and Exchange Commission (SEC). Nevertheless, the 2024 ESEF taxonomy files and the updated Conformance Suite will only discharge issuers from their EU ESEF obligations for their annual financial reports concerning financial years beginning on or after 1 January 2024 after the entry into force of the 2024 update to the ESEF Regulation.

Issuers may alternatively use the 2022 ESEF taxonomy files and conformance suite published by ESMA in December 2022,?for annual financial reports concerning financial years beginning on or after 1 January 2024.

The 2024 draft update to the ESEF Regulation was submitted by ESMA in May 2024, adopted by the European Commission on 27 September 2024 and cleared the scrutiny of the European Parliament and Council on 27 December 2022 without objection.

In 2023, ESMA decided to postpone to 2024 the amendment of the ESEF RTS to reflect the limited changes of the 2023 update of the IFRS taxonomy and focus on monitoring the implementation of the ESEF requirements and how to improve the electronic reporting process. The 2024 ESEF taxonomy incorporates the latest updates to the International Financial Reporting Standards (IFRS) taxonomy from 2023 and 2024, developed annually by the IFRS Foundation. The IFRS Foundation also publishes a versioning document detailing changes from previous taxonomies. The ESEF taxonomy package includes labels in all EU languages.

Under the ESEF Regulation, all issuers with securities listed on an EU regulated market must prepare their annual financial reports in xHTML and mark-up the IFRS consolidated financial statements using XBRL tags and iXBRL technology.

The 2024 update to the ESEF regulation will take effect on the twentieth day following its publication in the European Official Journal, which is expected by mid-January 2025.

On 24 January 2025, the European Commission adopted a Commission Delegated Regulation supplementing Markets in financial instruments regulation (MiFIR - Regulation (EU) 600/2014) as regards over-the-counter (OTC) derivatives identifying reference data to be used for the purposes of the transparency requirements laid down in Article 8a(2) and Articles 10 and 21.

Regulation (EU) No 2024/791, amending Regulation (EU) No 600/2014 entered into force on 28 March 2024. The amending Regulation changes the scope of pre- and post-trade transparency reporting for OTC derivatives. OTC derivatives are defined in Article 2, point (7), of Regulation (EU) No 648/2012 (European Market Infrastructure Regulation  - EMIR).

According to Article 8a(2) of MiFIR, OTC derivatives are subject to pre- and post-trade transparency if they: (i) are denominated in euro, Japanese yen, US dollars or British pounds sterling; (ii) are subject to the clearing obligation laid down in Article 5(2) EMIR; and (iii) are cleared centrally, i.e., none of the counterparties is exempt from the central clearing obligation.

The Delegated Regulation differentiates between interest rate and credit derivatives. As the issue of the daily expiry date has only arisen with the ISO 6166 (ISIN) for OTC interest rate swaps, the Delegated Regulation is mostly focused on this asset class (interest rates) and instrument type (swaps).

To allow enough time for ESMA to specify how identifying reference data should be reported and for the necessary adjustments to IT systems, the identifying reference data set out in this Delegated Regulation should be used from 1 September 2026. Until then, OTC interest rate swaps and OTC credit default swaps should continue to be identified in accordance with the rules currently in place.

Article 1 contains the operative rules on the identifying reference data to be used from 1 September 2026 for OTC interest rate and OTC credit default swaps for the purposes of the transparency requirements laid down in Article 8(a), and Articles 10 and 21 of MiFIR.

The Annex includes a table listing identifying reference data for OTC interest rate swaps. The Annex also includes a table listing standard business terms for the reference rates referenced in OTC interest rate swaps subject to the transparency requirements laid down in Article 8a(2), and Articles 10 and 21 of MiFIR.

On 24 January 2025, the European Securities and Markets Authority (ESMA) published a press release reminding on the start of Designated Publishing Entity (DPE) regime on 3 February 2025 and end of publication of systematic internalisers (SI) data.

ESMA reminds market participants that the new regime for the reporting of Over the Counter (OTC) transactions for post-trade transparency purposes becomes fully operational on 3 February 2025. ESMA also informs stakeholders that the quarterly publication of SI data will be discontinued with immediate effect. 

Following the MiFIR review, the responsibility for reporting OTC-transactions will shift from SIs to the new DPEs. The old approach has led many investment firms to opt in to the status of SI to be able to report the trades for their clients. When these firms were not dealing on own account on a systematic basis this added disproportionate requirements to them.  

The DPE regime allows National Competent Authorities (NCAs) to grant the status of DPE to investment firms. DPEs, when they are party to a transaction, will need to make these transaction public through an approved publication arrangement (APA).  

ESMA maintains a public register of DPEs by class of financial instruments, to help market participants to identify those entities.  

Following the application of the MiFID II amendments, it will no longer be necessary for ESMA to perform SI calculations from September 2025. In view of the resources needed to perform the calculations and the fact that the regime will end shortly, ESMA has decided to discontinue the voluntary publication of quarterly SI calculations data already now. This action will also reduce the administrative burden for investment firms.

Consequently, the mandatory SI regime will no longer apply from 1 February 2025, and investment firms will not need to perform the SI-test. However, investment firms can continue to opt into the SI-regime.

On 15 January 2025, the European Union published Commission Delegated Regulation (EU) 2025/19 of 26 September 2024 amending the regulatory technical standards (RTS) laid down in Delegated Regulation (EU) 2019/815 as regards the 2024 update of the taxonomy for the single electronic reporting format.

Commission Delegated Regulation (EU) 2019/815 specifies the single electronic reporting format to be used by issuers whose securities are admitted to trading on a regulated market for the preparation of their annual financial reports. Consolidated financial statements included therein are prepared either, in accordance with International Accounting Standards, which are commonly referred to as International Financial Reporting Standards (IFRS), adopted pursuant to Regulation (EC) No 1606/2002 of the European Parliament and of the Council, or in accordance with IFRSs as issued by the International Accounting Standards Board (IASB) which, based on Commission Decision 2008/961/EC, are considered as equivalent to IFRSs adopted pursuant to Regulation (EC) No 1606/2002.

The core taxonomy to be used for the single electronic reporting format is based on the IFRS Accounting Taxonomy and is an extension thereof. The IFRS Foundation updates the IFRS Accounting Taxonomy annually to reflect, amongst other developments, the issuance of new IFRSs, amendments to existing IFRSs, the analysis of disclosures commonly reported in practice, or improvements to general content or technology of the IFRS Accounting Taxonomy. Therefore, it is necessary to regularly update the regulatory technical standards to reflect the updates of the IFRS Accounting Taxonomy.

In March 2023 and March 2024, the IFRS Foundation published the updates to the IFRS Accounting Taxonomy. These updates are therefore to be reflected in Delegated Regulation (EU) 2019/815.

Annexes I, II and VI to Delegated Regulation (EU) 2019/815 should be updated to reflect those updates and provide additional guidance to issuers on tagging their financial statements. Although only certain parts of those Annexes need to be updated, it is necessary to replace those Annexes in their entirety to enhance, in particular, the readability for stakeholders of the applicable tables of the 2023 and 2024 updates. This will facilitate implementation of the tagging requirements and the highest standard of comparability of electronic financial statements drawn up in accordance with IFRS at Union and global level for end-users. Annexes III and V should also be updated to incorporate the most recent developments in the Inline XBRL specifications pertaining to Reporting Packages.

To provide issuers with enough time for the effective implementation of the new requirements, and to minimise compliance costs, the new taxonomy should apply to annual financial reports containing financial statements for financial years beginning on or after 1 January 2025. However, issuers should be allowed to implement the new taxonomy for financial years beginning on or after 1 January 2024.

The Regulation enters into force on 4 February 2025.

Delegated Regulation (EU) 2019/815, as amended by this Regulation shall apply to annual financial reports containing financial statements for financial years beginning on or after 1 January 2025.

However, Delegated Regulation (EU) 2019/815 as amended by this Regulation may be applied to annual financial reports containing financial statements for financial years beginning before 1 January 2025.

On 28 January 2025, the European Securities and Markets Authority (ESMA) published a Final Report on the European Market Infrastructure Regulation (EMIR) Regulatory Technical Standards (RTS) on colleges for central counterparties (CCPs).

This Final Report presents draft amendments to the RTS incorporated in Commission Delegated Regulation (EU) No 876/2013 on colleges for central counterparties.

The proposed amendments reflect the amendments to EMIR introduced by Regulation (EU) No 2024/2987 of the European Parliament and of the Council of 27 November 2024 as regards measures to mitigate excessive exposures to third-country central counterparties and improve the efficiency of Union clearing markets (EMIR 3).

The proposed draft amendments are limited in scope. They concern only competent authorities and do not impose any additional requirements on market participants. Taking this into account and to facilitate as soon as possible proper adjustment of CCP colleges to the new provisions of EMIR 3.

This report presents draft amendments to the Delegated Regulation to reflect the changes introduced by EMIR 3 to Article 18 of EMIR on the functioning of CCP colleges. Section II explains the background to ESMA proposals and outlines the proposed changes to the practical arrangements for the functioning of the colleges. Annex I presents the mandate under Article 18(6) of EMIR. The draft amendments to the Delegated Regulation are presented in Annex II.

The proposed draft amendments concern the practical arrangements for the functioning of the college with regard to: the respective roles of the co-chairs and the interaction between them, the information to be shared with the college and the modalities of communication between college members.

The Final Report, including the draft amendments to the Delegated Regulation presented in Annex II will be sent to the Commission. The Commission has three months to decide whether to endorse the amendments to the technical standards in the form of a Commission Delegated Regulation. Following the endorsement, they are then subject to non-objection by the European Parliament and the Council.

On 31 January 2025, the European Union published a Commission Implementing Decision (EU) 2025/215 extending time-limited equivalence for UK central counterparties (CCPs).

This decision will ensure EU financial stability in the short term and provide clarity to EU financial market participants.

This extension is designed to provide time for the implementation of the European Market Infrastructure Regulation (EMIR 3). EMIR 3 contains measures that will improve the attractiveness and competitiveness of EU clearing markets. This will help reducing the EU’s overreliance on systemically important UK CCPs, thus reducing risks to EU’s financial stability in the medium term.

It will enter into force on 1 February 2025 and apply from 1 July 2025, leaving no gap or uncertainty for EU market participants.

On 31 January 2025, the European Central Bank (ECB) published FAQs on Initial Margin model approvals under European Market Infrastructure Regulation (EMIR 3).

The questions are as follows:

FAQ 1. Which banks are affected by the no action letter on the application of the European Market Infrastructure Regulation (EMIR) published on 17 December 2024 by the European Banking Authority (EBA)?

All significant institutions (SIs) that are subject to initial margin (IM) requirements in accordance with Article 11 of EMIR and Article 36 of the Regulatory Technical Standard (RTS) 2016/2251 and that are currently using a model to calculate IMs or that intend to use such a model in the future.

FAQ 2. In light of the EBA opinion on the application of EMIR 3, what will the ECB interim approach be, until the EBA RTS/guidelines become applicable?

The ECB will pause the processing of any IM model applications submitted by SIs until they have been updated to comply with the requirements specified by the forthcoming RTS/guidelines on IM model validation.

FAQ 3. What if an SI is already using an IM model before the entry into force of EMIR 3?

SIs must seek new authorisation for existing IM models as soon as they implement any model change, regardless of its materiality. Recalibrations are also considered model changes in the absence of specific guidance in EMIR 3.

FAQ 4. When should an SI apply if it intends to use an IM model for the first time after the entry into force of EMIR 3?

For IM models that were not being used prior to the entry into force of EMIR 3, SIs should submit applications before those models are used for the first time. SIs can use such IM models immediately after submitting those applications, after which the approach described in FAQ 2 applies.

FAQ 5. What if multiple entities in the group are using or plan to use an IM model?

If more than one legal entity in a banking group is using an IM model (or intends to use an IM model), the parent institution should submit a joint application covering all the legal entities of the group using that IM model (or willing to use that IM model). This applies to both the initial adoption of IM models and any subsequent model changes that affect more than one legal entity.

FAQ 6. What happens when the EBA establishes its central validation function?

SIs that have submitted a pro-forma model application (e.g. the International Swaps and Derivatives Association’s Standard IM Model) must also submit it to the EBA, as it will be directed by the EBA.

FAQ 7. What happens when the EBA RTS/guidelines become applicable?

When the EBA RTS/guidelines become applicable, SIs should update their applications based on the requirements in those acts.

FAQ 8. How long will the approval process take?

The ECB will grant or refuse an authorisation within six months for a first-time adoption of a model and within three months for model changes. These time frames will only start from the date on which the application is completed according to the forthcoming EBA RTS/guidelines.

FAQ 9. What information should be submitted to the ECB when applying for IM model approval for the first time?

All the information that SIs are required to submit is included in the relevant Annex of the EBA Opinion (page 5).

FAQ 10. What happens if the information on which the application is based has changed?

Until the entry into force of the EBA RTS/guidelines, the ECB expects information on subsequent changes to IM models to be notified to the ECB on a yearly basis, as described in the Annex of the EBA Opinion (page 6). The updated information should be submitted every year by 31 March.

FAQ 11. To whom should the applications be addressed?

All IM model applications should be submitted to the relevant Joint Supervisory Team. After the establishment of the EBA central validation function (see FAQ 6), applications of pro-forma models should be submitted to both the relevant Joint Supervisory Team and EBA. Following the establishment of the European Securities and Markets Authority’s central database, such applications and relevant updates are only expected to be submitted via this database.

On 6 January 2025, the Chambre des représentants de Belgique published a draft law on the digital operational resilience of the financial sector and containing various provisions.

This bill aims primarily to ensure the implementation in Belgium of the DORA regulation of 14 December 2022. This regulation aims to establish a uniform framework at European level for the digital operational resilience of the financial sector. The objective is to guarantee its technological security, its proper functioning and its rapid recovery after breaches of the security of information and communication technologies and incidents related to them.

The DORA regulation applies horizontally to companies in the financial sector, regardless of their status and complements, in terms of digital operational resilience, the prudential rules already applicable.

The vast majority of the provisions of the DORA regulation are directly applicable. Only certain provisions must be adopted by the Belgian legislator.

The DORA regulation is accompanied by the DORA directive of 14 December 2022, which makes a number of specific amendments to the sectoral financial directives. The bill also aims to transpose the DORA directive into Belgian law.

In addition, this bill also aims to refine the distribution of powers between the FSMA and the National Bank for monitoring compliance with the Securitisation Regulation of 12 December 2017.

Finally, this bill aims to implement the EU Green Bonds Regulation of 22 November 2023. The latter establishes a harmonised legal framework for bonds issued by companies and sovereign issuers who wish to use the term “European green bond” or “EuGB”.

On 17 January 2025, the Financial Services and Markets Authority (FSMA) published results of the second investigation concerning the entry into force of Digital Operational Resilience Act (DORA).

In November 2024, the FSMA carried out a second survey to verify the degree of preparedness of financial entities for the entry into force of the DORA, scheduled for 17 January 2025. The DORA sets ambitious targets for digital operational resilience, the purpose of which is to protect financial entities and their customers. The results of this second survey show that many financial entities are on track to meet the targets set by the DORA Regulation, but that they will still need to make significant efforts to fully comply with its provisions. In view of the imminent entry into force of the Regulation, these entities still have a significant challenge to overcome. Due to the low participation rate in the survey, the level of implementation of the DORA Regulation also remains difficult to determine among a significant proportion of entities subject to the requirements of this regulation.

93 of the entities covered responded, representing an overall participation rate of 36%. It is worrying to note that this overall participation rate is 14 percentage points lower than that observed in the first survey organised by the FSMA in 2023. This could indicate that preparations for the entry into force of the DORA Regulation are not going well with many financial entities. If this is the case, the latter are urged to take the necessary steps to comply with the provisions of the Regulation applicable to them.

The analysis of the participation rate shows that 60% of self-managed UCITS and 50% of crowdfunding service providers responded to the survey, whereas they had been the major absentees in 2023. The FSMA welcomes this, as well as the higher participation rate among insurance intermediaries (including those on an ancillary basis) and reinsurance intermediaries (28% compared to 19% in the first survey). The FSMA is also pleased to note that a high participation rate remains among portfolio management and investment advisory firms (88% compared to 94% in the first survey) and managers of UCIs(A) (81% compared to 88% in the first survey).

The level of maturity as estimated by the participating entities for each DORA theme is progressing overall, except in terms of risk management related to ICT third-party service providers.

The FSMA hopes that all the financial entities concerned will have taken advantage of the period between the conclusion of this investigation and the entry into force of the Regulation to prepare for this milestone in an adequate and sufficient manner.

The FSMA will use these initial findings to guide its future supervisory actions. In the future, the Commission may conduct further investigations in which entities will be obliged to participate and, in this context, require entities to substantiate or substantiate their responses with additional documentation. This will allow the FSMA to deepen its assessment of entities' compliance with the requirements of the DORA Regulation. These initiatives will also aim to continuously measure and strengthen the digital operational resilience of financial sector actors.

On 21 January 2025, the Financial Services and Markets Authority (FSMA) published a clarification on the collection of the register of information on third-party providers and on the reporting of major ICT incidents.

The Digital Operational Resilience of the Financial Sector (DORA) regulation came into force on 17 January 2025. On this occasion, the FSMA published details on the obligations of financial entities to collect the register of information on ICT third-party service providers and to report major ICT incidents. This publication discusses the scope and implementation of these obligations.

This information may be supplemented or clarified in the future, following the modification of the legal framework in force or on the basis of the experience acquired during the application of the Regulation.

The DORA Regulation requires financial entities to maintain and update an information register containing all contractual arrangements relating to the use of ICT services provided by third-party ICT service providers.

In accordance with Article 28(3)(4) of the DORA Regulation, the FSMA may request financial entities to make available to it the complete register of information or, where applicable, specific sections thereof, as well as any information deemed necessary to ensure effective supervision of the financial entity.

Following a recent decision of the European Authorities of monitoring, the FSMA is required to collect the complete register of information from the financial entities under its supervision and to transmit it to those authorities by 30 April 2025. This collection is intended to enable the European Supervisory Authorities to designate critical ICT third-party service providers over which they are responsible for supervising.

Financial entities subject to DORA are required to communicate their complete information register to the FSMA, subject to the following details:

• financial entities that are not part of a group of financial entities must disclose their information register at the individual level.
• financial entities that are part of a group of financial entities whose other members have their registered office outside the European Union must communicate their information register to the FSMA at the individual level;
• in the case of a group of companies, only the information register of the company at the highest level of (sub-)consolidation over which the FSMA supervises will have to be communicated to it. In addition, the information registers transmitted to the FSMA must contain only information on financial entities that are placed under the supervision of the FSMA.
• for the purpose of administrative simplification, financial entities that individually fall under two separate statuses, one of which is subject to the supervision of the FSMA and the other of the National Bank of Belgium, are not required to communicate their information register to the FSMA. This applies to insurance intermediaries or providers of alternative financing services (crowdfunding platforms) that also have the status of credit or payment institution at individual level. These financial entities will have to communicate their information register to the supervisory authority of their main status, in this case the National Bank of Belgium.

On 13 January 2025, the Financial Services and Markets Authority (FSMA) and the National Bank of Belgium (NBB) published an updated version of their report asset management and non-bank financial intermediation in Belgium.

The NBB and the FSMA consider that the risks associated with these activities in Belgium are currently limited. However, there are events and incidents in other countries that are a reminder of vulnerabilities that need to be addressed. International institutions such as the FSB and IOSCO have made various recommendations and proposals for action in this regard. It is essential to follow up on them, especially with a view to deepening the European Savings and Investment Union.

In 2017, the FSMA and the NBB published a first detailed report on asset management and non-bank financial intermediation in Belgium. The fifth update of the report, containing recent figures and an analysis of key national and international developments, is now available.

The main objective of this report is to closely monitor the evolution of the situation. Supervisors are particularly interested in the risks associated with these activities and their interactions with other sectors.

The term "non-bank financial intermediation" or "NBFI" covers a very diverse set of entities and activities outside the banking system. In a broad sense, it encompasses not only entities such as insurance companies, pension funds and central counterparties, but also entities with little or no regulation such as family offices.

In this report, the NBB and the FSMA have adopted a risk-based approach to the delineation of non-bank financial intermediation. As a result, they have focused on a narrower segment of the non-bank financial sector: entities engaged in credit intermediation activities that could create similar financial stability risks to banks, for example through the use of leverage or liquidity transformation. There are several methods for delineating the area and estimating its extent. According to the one proposed by the Financial Stability Board (FSB), the sector represented €172 billion in assets at the end of 2023.

The report also focuses on asset management. The term "asset management" refers to the segment of the financial sector that manages financial assets on behalf of investors. The focus is on collective management through investment funds, although asset management can also include discretionary portfolio management of individual investors. At the end of 2023, the net assets of Belgian investment funds amounted to €215 billion, while Belgian managers managed €208 billion in assets.

A well-developed, diversified, and resilient financial sector is essential to ensure stable financing of the real economy and meet the needs of savers and investors. For firms, governments and households, non-bank financial intermediation can provide an alternative source of financing to bank lending while broadening the range of investment opportunities.

In the face of geo-economic developments and climate change, a strengthening of the internal market is now one of the priorities to help meet the financing needs of the European economy. The development of the European Savings and Investment Union (EUI) could thus lead to a shift of savings from bank accounts to long-term investments in capital markets.

These developments reinforce the need to ensure financial stability and investor protection in the NBFI sector.

The Belgian market for non-bank financial intermediation is of limited size and importance compared to those of other countries. It represents less than 0.5% of the world market and about 1% of the European market. While the sector is equivalent to 98% of GDP in other developed economies, the estimated €172 billion in assets in Belgium represents only 29% of GDP.

These are mainly assets held by investment funds that are not equity funds. The vast majority of these funds are subject to the control of the Belgian authorities.

The relatively small size of the Belgian non-bank financial intermediation market shows that most of the financial intermediation in the country still goes through banks. It also reflects a relatively strong interconnectivity between Belgian entities and foreign NBFI players, located in particular in other European countries.

Some events and incidents in other countries, such as the bankruptcy of the Archegos family office in 2021 and the tensions in the UK government bond market in 2022, have revealed vulnerabilities in the NBFI sector. The main ones relate to liquidity, the use of leverage and interconnectivity within the financial system.

International organizations such as the FSB and the International Organization of Securities Commissions (IOSCO) have implemented an ambitious work program to detect and manage vulnerabilities and thus promote financial stability. They have already made various recommendations and proposals for action in this regard.

In Europe, the European Systemic Risk Board (ESRB) and the European Securities and Markets Authority (ESMA) have conducted analysis and policy development work on the NBFI sector, while the European Commission has launched a targeted consultation to gather stakeholders' views on the establishment of a macroprudential framework specific to the NBFI sector.

At the Belgian level, the NBB and the FSMA did not identify any significant risks related to the scale and nature of non-bank financial intermediation in Belgium or the interconnectivity of Belgian entities with foreign NBFI players. On the other hand, they reaffirm the important role of the European and international regulatory framework in preserving financial stability.

The NBB and the FSMA therefore continue to actively participate in international work aimed at better understanding European and global developments in the NBFI sector and strengthening the regulatory framework where necessary.

On 14 January 2025, Belgium publishes law transposing Directive (EU) 2021/2167  on credit servicers and credit purchasers.

This law defines the regime applicable to:

• credit servicers under Belgian law and credit servicers under foreign law operating in Belgium, with regard to the rights of a creditor under a non-performing credit agreement, or with regard to the non-performing credit agreement itself, concluded by a credit institution established in the European Union, acting on behalf of a credit purchaser;
• credit purchasers governed by Belgian law in respect of a creditor's rights under a non-performing credit agreement or in respect of the non-performing credit agreement itself concluded by a credit institution established in the European Union.

This law applies to:

• credit servicers under Belgian law and credit servicers under foreign law operating in Belgium, acting on behalf of a credit purchaser in relation to the rights of a creditor under a non-performing credit agreement, or in relation to the non-performing credit agreement itself, concluded by a credit institution established in the European Union in accordance with the applicable European Union law, and national law;
• creditors,
• credit institutions governed by Belgian law which intend to enter into a contract with a credit purchaser for the transfer of the creditor's rights under the non-performing credit agreement or for the transfer of that non-performing credit agreement itself.

The FSMA is responsible for monitoring compliance with the provisions of this law, without prejudice to the powers conferred on the FPS Economy in accordance with the Code of Economic Law.

On 24 January 2025, the Comissão de Valores Mobiliários (CVM) published the Circular Letter CVM/SNC/SSE/SIN 1/2025 with accounting guidelines in force of CVM Resolution 175. CVM Resolution 175 provides that, in the case of the constitution of investment funds with classes of quotas with different rights and obligations, the administrator must constitute segregated equity for each class and also vetoes the linking of part of the equity of a class of quotas to any subclass. In addition, CVM Resolution 175 presents, in some articles, determinations on the preparation of financial statements and the performance of audit services: 

• Article 66: establishes that the investment fund and its classes of quotas must have their own bookkeeping, and there must be segregation of accounts and financial statements. 
• Article 67: establishes that the financial statements of the funds, which have different classes of quotas, are composed, at least, of the balance sheet, the statement of income for the year and the statement of cash flow, with no obligation to prepare consolidated statements. 
• Article 68: determines that the preparation and disclosure of financial statements must comply with the specific rules issued by the CVM, according to each category of investment fund. 
• Article 69: determines that the financial statements of investment funds and their classes of quotas must be audited by an independent auditor registered with the CVM.

On 2 January 2025, the Comissão de Valores Mobiliários (CVM) advises on obtaining registration and CPF for non-resident investors exempt from registration with the Authority. This CVM/SIN Circular Letter 01/2025 contains updates on the new operational dynamics for obtaining registration and CPF for non-resident investors exempt from registration with the Authority, pursuant to CVM Resolution 13. According to the document, the new dynamic must be applied to non-resident individual investors, including when participating in a collective account, so that they do not depend on any type of registration or authorization from the Authority to operate, as established in article 2, sole paragraph, of CVM Resolution 13. The new letter contains updates brought in CVM/SIN Circular Letter 08/2024. The SIN/CVM also points out that, while the operational system of CVM/SIN Circular Letter 09/2023 is in force, the non-resident individual investor who is a participant in a collective account may also use the fictitious operational code.

On 21 January 2025, the Comissão de Valores Mobiliários (CVM) published a study on the process of analyzing the investor profile (suitability) and the effectiveness of CVM Resolution 30. The study concludes that CVM Resolution 30 has a positive effect, as it is below its potential level. In addition, the material indicates that two rules issued in 2024 by the CVM should exert a positive influence on the effectiveness of CVM Resolution 30: 

• CVM Resolution 179 (amended CVM Resolution 35): requires the disclosure of the remuneration due to investment advisors in the distribution process and the information of potential conflicts of interest;
• CVM Resolution 210: establishes rules regarding the portability of investments in securities.
  In addition to CVM Resolutions 179 and 210, which should exert a positive influence on the effectiveness of CVM Resolution 30, the study proposes the following improvements to the rule: 
• Sharing risk profile information within the scope of open finance;
• Clarifications on the use of information that go beyond the minimum required by law;
• Use of utilities or centralizing participants in the registration process;
• Explicit interference by the intermediary in the process of assessing the investor's risk profile; 
• Incorporation into the rule of the interpretations of pertinent Circular Letters;
• Review of the "Term of Awareness of Disqualification and Risk";
• Insertion of the item "complexity" in the criteria for analysis and classification of the categories of monetary value. 

CVM Resolution 30 proves to be effective in providing a basis for the actions of self-regulators (BSM and ANBIMA) and regulators (CVM). As a result, the study highlights the reduction in the number of audits per number of intermediaries registered with the CVM (2019 and 2023), that n addition to the drop in the percentage of unmapped risk profiles. The study also indicates an improvement in the application of the suitability process, given that the number of complaints related to the inadequacy of investments did not increase in the same proportion, even in the face of the increase in the number of new investors in the stock market.

On 23 January 2025, the Comissão de Valores Mobiliários (CVM) published the CVM/SIN Circular Letter 2/2025 with interpretations of provisions of CVM Resolution 175. This circular letter provides Q&As in the following areas:

• Integration into assets
• Performance of the Fiduciary Administrator
• Composition of the Portfolio
• Deadline for the classification of Infrastructure Equity Investment Fund (Fundo de Investimento em Participações em Infraestrutura – FIP-IE and Investment Fund for Participation in Economic Production Intensive in Research, Development and Innovation (Fundo de Investimento em Participação na Produção Econômica Intensiva em Pesquisa, Desenvolvimento e Inovação - FIP-PD&I)
• Constitution and Powers of Committees
• Application in Simple Loan Agreements
• Investment Limits
• Role of Assignments
• Investment in Partnership in Participation Accounts (Sociedade em Contas de Participação – SCP)

On 27 January 2025, the Comissão de Valores Mobiliários (CVM) included FIDCs in its cooperation agreement with ANBIMA (Brazilian Association of Financial and Capital Markets Entities) to take advantage of self-regulation of the fund industry. The expansion of the cooperation agreement between the CVM and ANBIMA for the supervision of the fund industry came into force. With the novelty, the partnership also covers FIDC (Credit Rights Investment Funds), covering about 90% of the sector (more than 28 thousand funds) under joint monitoring. Until then, only FIF (Financial Investment Funds) were part of the agreement, which provides for the possibility of the agency taking advantage of the monitoring work of the fund industry carried out by ANBIMA. The supervisory work carried out by ANBIMA in the agreement includes, among other activities, the verification of compliance with the self-regulation rules related to FIDCs, the sending of requests for information to the service providers of the funds, and guidance and support actions for institutions, with a focus on preventing possible violations of the self-regulation codes. In the first half of 2024, the FIF agreement resulted in five terms of commitment and eight letters of recommendation for institutions that follow ANBIMA's self-regulation codes. Throughout the history of the agreement, which has existed since 2018, more than 40 terms have been signed and about 30 letters have been sent to financial institutions.

On 30 January 2025, France published a Decree on AML reporting in case of ERMES failure.

The decree of 6 June 2013, based on Article R. 561-31 of the Monetary and Financial Code, outlines how professionals should transmit suspicion reports to TRACFIN, as required by Article L. 561-15 of the same code. Typically, this transmission occurs through a secure, digital platform called "ERMES," with exceptions granted for certain professionals and emergency situations.

The current decree aims to standardize the reporting process for all professionals subject to AML/CFT regulations by mandating the use of the ERMES platform. The use of typed suspicion reports is reserved strictly for emergencies or if the platform is unavailable. Additionally, the decree corrects regulatory references. This decree takes effect on 1 February 2025.

Version française

Le 30 janvier 2025, la France a publié un décret relatif à la déclaration de soupçon en cas de défaillance du système ERMES.

Le décret du 6 juin 2013, fondé sur l'article R. 561-31 du code monétaire et financier, précise comment les professionnels doivent transmettre les déclarations de soupçon à TRACFIN, comme l'exige l'article L. 561-15 du même code. Cette transmission s'effectue généralement par le biais d'une plateforme numérique sécurisée dénommée « ERMES », sauf exceptions accordées à certains professionnels et situations d'urgence.

Le présent décret vise à uniformiser le processus de déclaration pour tous les professionnels soumis à la réglementation LAB/CFT en rendant obligatoire l'utilisation de la plateforme ERMES. L'utilisation de la déclaration de soupçon dactylographiée est strictement réservée aux situations d'urgence ou d'indisponibilité de la plateforme. Par ailleurs, le décret corrige des références réglementaires. Ce décret prend effet le 1er février 2025 

On 1 January 2025, the Autorité des marchés financiers (AMF) updated its Instruction DOC-2019-23 on the regime applicable to CASPs.

The document contains instructions for the financial sector on the regime applicable to digital assets service providers.

Version française

Le 1er janvier 2025, l'Autorité des marchés financiers (AMF) a mis à jour son instruction DOC-2019-23 relative au régime applicable aux PSAN.

Ce document contient des instructions à destination du secteur financier sur le régime applicable aux prestataires de services d'actifs numériques.

On 1 January 2025, the Autorité des marchés financiers (AMF) published the instruction DOC-2012-07 on complaints management for service providers.

The instruction concerns the handling of complaints related to any financial instrument, investment service, digital asset, and service involving digital assets within the remit of the AMF when the service provider is authorized. It outlines the information to be provided to the client about the complaint handling system and access to a mediator. It details the procedures to be implemented for effective, equal, and harmonized treatment and includes monitoring to correct any dysfunctions.

Version française

L'Autorité des Marchés Financiers (AMF) a publié le 1er janvier 2025 l'instruction DOC-2012-07 relative à la gestion des réclamations des prestataires de services.

L'instruction concerne le traitement des réclamations liées à tout instrument financier, service d'investissement, actif numérique et service impliquant des actifs numériques relevant de la compétence de l'AMF lorsque le prestataire est agréé. Il précise les informations à fournir au client sur le système de traitement des réclamations et l'accès à un médiateur. Il détaille les procédures à mettre en œuvre pour un traitement efficace, égalitaire et harmonisé et comprend un suivi pour corriger les éventuels dysfonctionnements.

On 23 January 2025, the Commission nationale de l'informatique et des libertés (CNIL) published the checks necessary to comply with the data protection law.

The CNIL outlines several important checks to ensure lawful reuse of databases. Organizations using freely available or third-party databases must verify that their collection or sharing complies with the law. The CNIL recommends these verifications include identifying the source and context of the data collection, ensuring lawful data processing, and performing impact assessments if necessary. Special attention should be given to sensitive data, requiring explicit consent or public availability, and data related to infractions, which must be authorized by law. Organizations should also ensure proper information is provided to the data subjects and assess any potential legal risks.

Version française

Le 23 janvier 2025, la Commission nationale de l'informatique et des libertés (CNIL) a publié les contrôles nécessaires pour se conformer à la loi sur la protection des données.

La CNIL souligne plusieurs vérifications importantes pour assurer une réutilisation licite des bases de données. Les organismes qui utilisent des bases de données librement accessibles ou des bases de données de tiers doivent vérifier que leur collecte ou leur partage est conforme à la loi. La CNIL recommande que ces vérifications comprennent l'identification de la source et du contexte de la collecte des données, la garantie d'un traitement licite des données et la réalisation d'analyses d'impact si nécessaire. Une attention particulière doit être accordée aux données sensibles, nécessitant un consentement explicite ou une mise à disposition du public, et aux données relatives aux infractions, qui doivent être autorisées par la loi. Les organisations doivent également veiller à ce que les personnes concernées soient correctement informées et évaluer tout risque juridique potentiel.

On 16 January 2025, the Autorité des marchés financiers (AMF) applied the revised ESMA guidelines on DORA.

These updated guidelines establish a framework for cooperation between competent authorities in supervising critical third-party providers of ICT services. The goal is to enhance digital resilience across the EU financial sector, ensuring a harmonized approach to surveillance and information exchange among member states. The AMF will incorporate these new provisions into its supervisory practices, ensuring close collaboration with ESMA and other relevant authorities starting from 17 January 2025.

Version française

Le 16 janvier 2025, l'Autorité des marchés financiers (AMF) a appliqué les lignes directrices révisées de l'ESMA sur DORA.

Ces lignes directrices mises à jour établissent un cadre de coopération entre les autorités compétentes pour la surveillance des fournisseurs tiers critiques de services TIC. L'objectif est de renforcer la résilience numérique dans l'ensemble du secteur financier de l'UE, en garantissant une approche harmonisée de la surveillance et de l'échange d'informations entre les États membres. L'AMF intégrera ces nouvelles dispositions dans ses pratiques de supervision, en assurant une collaboration étroite avec l'ESMA et les autres autorités concernées à partir du 17 janvier 2025.

On 17 January 2025, the Système unifié de rapport financier (e-surfi) published the supervisory framework for DORA.

As of 17 January 2025, the system has been updated to enable the teletransmission of declarations through the OneGate portal. The Functional Visit Cards (CVF) have been updated and will be communicated soon. The data collection under DORA includes the declarations of information registers (ROI), incidents (IR), and cyber threats (CT). Declarations and reports must be submitted in the specified formats and within the given deadlines. The ROIs are to be directly submitted to the ECB via the Casper tool for significant institutions, while the other declarations will use OneGate. The technical modalities for the teletransmission, including required formats like JSON for incidents and cyber threats and CSV for ROI, are outlined, with specified reference dates for each type of declaration. Testing of submissions can begin on the OneGate Homologation portal, with no electronic signature required for the data submissions. Updates and detailed technical information are available on the EBA website.

Version française

 Le 17 janvier 2025, le Système unifié de rapport financier (e-surfi) a publié le cadre de supervision pour DORA.

Depuis le 17 janvier 2025, le système a été mis à jour pour permettre la télétransmission des déclarations via le portail OneGate. Les cartes de visite fonctionnelles (CVF) ont été mises à jour et seront communiquées prochainement. La collecte de données dans le cadre de DORA comprend les déclarations de registres d'information (ROI), d'incidents (IR) et de cybermenaces (CT). Les déclarations et les rapports doivent être soumis dans les formats spécifiés et dans les délais impartis. Les RSI doivent être directement soumis à la BCE via l'outil Casper pour les institutions importantes, tandis que les autres déclarations utiliseront OneGate. Les modalités techniques de la télétransmission, y compris les formats requis tels que JSON pour les incidents et les cybermenaces et CSV pour les RSI, sont décrites, avec des dates de référence précises pour chaque type de déclaration. Les tests de soumission peuvent commencer sur le portail d'homologation OneGate, sans qu'aucune signature électronique ne soit requise pour la soumission des données. Des mises à jour et des informations techniques détaillées sont disponibles sur le site web de l'ABE.

The AFG (Association Française de la Gestion financière) has released a Q&A document on DORA, which complements the responses given at the end of 2024 during a cybersecurity briefing. This document addresses specific concerns of its members regarding the implementation of DORA regulations. It includes guidance on reporting incidents to the AMF, notably clarifying that only incidents impacting the integrity, availability, authenticity, or confidentiality of information need to be reported.

The Q&A confirms that, as of now, the European Commission has published two delegated regulations and three Regulatory Technical Standards (RTS), with six more RTS still awaiting official publication. Notably, CIFs generally fall outside DORA's scope, except for CIFs under MICA, which are governed by the PSAN approval for digital asset service providers.

AFG also highlights the importance of aligning cybersecurity practices with those of a parent group if applicable, yet recognizing distinct risks pertinent to Asset Management Companies (SGPs). Emphasis is placed on the necessity for SGPs to adapt a structured cybersecurity approach, starting with mapping out information systems and critical data, which is vital for effective protection.

Additionally, the Q&A touches on the need for contractual clauses in agreements with critical IT service providers, suggesting that the European Commission should provide model clauses to facilitate compliance for smaller SGPs. Furthermore, the document advises collective action among SGPs for audits of shared services by third-party providers to mitigate resistance from these providers.

To assist with regulatory adherence, AFG also urges SGPs to initiate cybersecurity measures, focusing on high-sensitivity areas first. The Q&A underscores that while DORA introduces a structured framework for better contractual relationships and the supervision of critical IT service providers by ESAs, it doesn't fundamentally alter existing domestic regulations but provides a more systematic approach.

Overall, AFG promotes a comprehensive, risk-based approach to cybersecurity, tailored to each SGP's specific context and resources.

Version française

L'AFG (Association Française de la Gestion financière) a publié un document de questions-réponses sur la loi DORA, qui complète les réponses données fin 2024 lors d'une réunion d'information sur la cybersécurité. Ce document répond aux préoccupations spécifiques de ses membres concernant la mise en œuvre de la réglementation DORA. Il comprend des conseils sur la déclaration des incidents à l'AMF, précisant notamment que seuls les incidents ayant un impact sur l'intégrité, la disponibilité, l'authenticité ou la confidentialité des informations doivent être déclarés.

La FAQ confirme qu'à ce jour, la Commission européenne a publié deux règlements délégués et trois normes techniques réglementaires (RTS), six autres RTS étant encore en attente de publication officielle. Notamment, les CIFs ne relèvent généralement pas du champ d'application de la DORA, à l'exception des CIFs sous MICA, qui sont régis par l'agrément PSAN pour les fournisseurs de services d'actifs numériques.

L'AFG souligne également l'importance d'aligner les pratiques de cybersécurité sur celles d'un groupe mère, le cas échéant, tout en reconnaissant les risques distincts propres aux sociétés de gestion d'actifs (SGA). L'accent est mis sur la nécessité pour les SGP d'adopter une approche structurée de la cybersécurité, en commençant par la cartographie des systèmes d'information et des données critiques, qui est vitale pour une protection efficace.

En outre, la FAQ aborde la nécessité de clauses contractuelles dans les accords avec les fournisseurs de services informatiques critiques, suggérant que la Commission européenne fournisse des clauses types pour faciliter la mise en conformité des SGA de plus petite taille. De plus, le document conseille une action collective parmi les SGA pour les audits des services partagés par des fournisseurs tiers afin de réduire la résistance de ces fournisseurs.

Pour faciliter le respect de la réglementation, l'AFG invite également les SGA à mettre en place des mesures de cybersécurité, en se concentrant d'abord sur les domaines les plus sensibles. Les questions et réponses soulignent que si le DORA introduit un cadre structuré pour de meilleures relations contractuelles et la supervision des fournisseurs de services informatiques critiques par les ASE, il ne modifie pas fondamentalement les réglementations nationales existantes, mais fournit une approche plus systématique.

Dans l'ensemble, l'AFG encourage une approche globale de la cybersécurité, fondée sur les risques et adaptée au contexte et aux ressources spécifiques de chaque SGA.

The Autorité des marchés financiers (AMF) has updated its regulations and doctrine to enhance the management and transparency of private equity funds. These amendments, approved on 12 November 2024 and published on 5 December 2024, aim to improve adherence to liquidation deadlines and the information provided to unit holders. Key updates include extending the maximum blocking period for redemption requests from 10 to 15 years (effective from 13 June 2024), and requiring promotional communications to disclose potential extensions of fund duration. A new regulation mandates warnings in promotions if, in the past decade, a management company has failed to respect the lifespan of at least 50% of its funds.

The AMF also introduced a template letter for unit holders during fund dissolution, requiring semi-annual liquidation status reports, and set a minimum annual distribution principle during liquidation. Management companies now have specific options for handling unsold participations during liquidation, and unit holders must provide banking details before subscription to ensure payment efficiency.

Finally, the AMF implemented a communication framework to inform the public when a new management company takes over funds from another company whose approval has been withdrawn, applicable to all funds.

Version française

L'Autorité des marchés financiers (AMF) a mis à jour sa réglementation et sa doctrine afin de renforcer la gestion et la transparence des fonds de capital investissement. Ces modifications, approuvées le 12 novembre 2024 et publiées le 5 décembre 2024, visent à améliorer le respect des délais de liquidation et l'information des porteurs de parts. Les principales mises à jour comprennent l'extension de la période de blocage maximale pour les demandes de rachat de 10 à 15 ans (à compter du 13 juin 2024), et l'obligation pour les communications promotionnelles de divulguer les extensions potentielles de la durée du fonds. Un nouveau règlement impose des avertissements dans les promotions si, au cours des dix dernières années, une société de gestion n'a pas respecté la durée de vie d'au moins 50 % de ses fonds.

L'AMF a également introduit un modèle de lettre pour les porteurs de parts lors de la dissolution d'un fonds, exigeant des rapports semestriels sur l'état de la liquidation, et a fixé un principe de distribution annuelle minimale lors de la liquidation. Les sociétés de gestion disposent désormais d'options spécifiques pour le traitement des participations invendues lors de la liquidation, et les porteurs de parts doivent fournir leurs coordonnées bancaires avant la souscription afin de garantir l'efficacité des paiements.

Enfin, l'AMF a mis en place un cadre de communication pour informer le public lorsqu'une nouvelle société de gestion reprend les fonds d'une autre société dont l'agrément a été retiré, applicable à tous les fonds.

On 21 January 2025, the Association Française de la Gestion financière (AFG) published its updated recommendations for corporate governance.

The AFG emphasizes the importance of responsible asset management and long-term investment. The 2025 edition aims to guide management companies during the voting season of general meetings. Key updates include the involvement of the board of directors in ensuring robust procedures for financial and non-financial data, promoting effective verification of accounts and sustainability reports, and ensuring shareholder democracy, particularly in IPOs with multiple voting rights. The recommendations also address potential conflicts of interest and the need for clear communication when resolutions are contested.

Version française

Le 21 janvier 2025, l'Association Française de la Gestion financière (AFG) a publié ses recommandations actualisées en matière de gouvernement d'entreprise.

L'AFG souligne l'importance d'une gestion d'actifs responsable et d'un investissement à long terme. L'édition 2025 vise à guider les sociétés de gestion pendant la période de vote des assemblées générales. Les principales mises à jour concernent l'implication du conseil d'administration pour garantir des procédures robustes pour les données financières et non financières, la promotion d'une vérification efficace des comptes et des rapports de durabilité, et la garantie de la démocratie actionnariale, en particulier dans les introductions en bourse avec droits de vote multiples. Les recommandations abordent également les conflits d'intérêts potentiels et la nécessité d'une communication claire en cas de contestation des résolutions.

On 13 January 2025, the Association Française de Gestion (AFG) updated four fact sheets:

• Annual Information Sheet (FRA);
• Annual Control Report (RAC);
• SFDR or "Disclosure" reporting;
• Annual accounts of the management company.

Version française

Le 13 janvier 2025, l'Association Française de Gestion (AFG) a mis à jour quatre fiches :

• Fiche annuelle d'information (FRA) ;
• Rapport annuel de contrôle (RAC) ;
• Rapport SFDR ou « Disclosure » ;
• Comptes annuels de la société de gestion

On 16 January 2025, the Autorité des marchés financiers (AMF) published their supervisory priorities and actions for 2025.

The AMF has outlined its supervisory priorities and actions for 2025, which are part of its strategic framework "IMPACT 2027." The key focus areas include:

• Protecting investors: strengthening the protection of savers through robust supervision, particularly in the context of financial restructuring operations and ensuring compliance with obligations regarding public offers.
• Promoting sustainable finance: continuing efforts in sustainable finance, with particular attention to the legislative work on the SFDR and integrating sustainability preferences into retail client services. The AMF will also participate in the ESMA's common supervisory action on sustainability preferences and conduct targeted spot checks.
• Supporting financial innovation: facilitating the implementation of the MiCA and ensuring the entry into force of the Data Act and the ESAP Regulation, which aims to create a European platform for financial market information.
• Active international engagement: contributing to European and international regulatory and supervisory work, including feeding into EU investor protection efforts and promoting supervisory convergence.
• Operational resilience: preparing financial market infrastructures for the application of the DORA, enhancing cybersecurity, and ensuring operational resilience across the financial sector.
• Internal efficiency: improving the AMF's performance through strategic initiatives, such as the annual stakeholder perception study to identify strengths and areas for improvement.

The AMF's actions are guided by a strong commitment to market integrity, investor protection, and adapting to regulatory changes in the financial sector.

Version française

Le 16 janvier 2025, l'Autorité des marchés financiers (AMF) a publié ses priorités et actions de supervision pour 2025.

L'Autorité des marchés financiers (AMF) a présenté ses priorités et actions de supervision pour 2025, qui s'inscrivent dans son cadre stratégique « IMPACT 2027 ». Les principaux domaines d'action sont les suivants

• Protéger les épargnants : renforcer la protection des épargnants par une supervision robuste, notamment dans le cadre des opérations de restructuration financière et veiller au respect des obligations en matière d'offre publique.
• Promouvoir la finance durable : poursuivre les efforts en matière de finance durable, en accordant une attention particulière aux travaux législatifs sur la SFDR et à l'intégration des préférences en matière de durabilité dans les services aux clients de détail. L'AMF participera également à l'action de supervision commune de l'ESMA sur les préférences en matière de développement durable et mènera des contrôles ponctuels ciblés.
• Soutenir l'innovation financière : faciliter la mise en œuvre de l'AMC et assurer l'entrée en vigueur de la loi sur les données et du règlement ESAP, qui vise à créer une plateforme européenne d'information sur les marchés financiers.
• Engagement international actif : contribuer aux travaux européens et internationaux en matière de réglementation et de surveillance, notamment en alimentant les efforts de l'UE en matière de protection des investisseurs et en promouvant la convergence en matière de surveillance, ce qui permettra d'améliorer l'efficacité de l'action de l'UE dans ce domaine.
• Résilience opérationnelle : préparer les infrastructures des marchés financiers à l'application du DORA, renforcer la cybersécurité et assurer la résilience opérationnelle dans l'ensemble du secteur financier.
• Efficacité interne : amélioration de la performance de l'AMF par le biais d'initiatives stratégiques, telles que l'étude annuelle sur la perception des parties prenantes visant à identifier les points forts et les domaines à améliorer.

L'action de l'AMF est guidée par un engagement fort en faveur de l'intégrité des marchés, de la protection des investisseurs et de l'adaptation aux évolutions réglementaires du secteur financier.

On 15 January 2025, the Deutscher Bundestag published a draft of the Second Future Financing Act

Stable, efficient and deep capital markets are crucial for innovation, private investment and growth. The Future Financing Act has already taken numerous measures to improve the framework conditions for capital markets and start-ups. The aim of this draft law is - building on the Future Financing Act - to further strengthen the competitiveness and attractiveness of Germany as a financial center and, in particular, to improve the financing options for young, dynamic companies. This includes in particular the tax framework, which is an important factor in investment decisions. The conditions for companies to access the capital market are to be further improved, making financing even easier for them. This is intended to make a significant contribution to dynamizing our economy and mobilizing private growth and innovation capital.

The draft law serves to implement the growth initiative adopted by the Federal Cabinet on 17 July 2024. With the growth initiative, the federal government wants to give the economy additional growth impetus and make Germany a competitive and future-proof business location.

Another aim of the draft law is to make capital resources more widely available for investments in infrastructure and renewable energies. In view of the enormous need for investment in infrastructure and renewable energies, it is important to create a legally secure framework for investments in renewable energies and infrastructure in addition to the existing measures to secure investments in renewable energies, such as the Renewable Energy Sources Act, in order to implement the urgently needed projects and accelerate the transition to a more sustainable future.

The draft of a Second Future Financing Act presents comprehensive measures to facilitate access to the capital market for companies, to promote the fund market and thus also the venture capital ecosystem, and to streamline supervisory requirements. The law aims to provide positive impetus for the mobilization of private financial resources and the growth of the German economy.

To implement the growth initiative, the draft law introduces measures that strengthen Germany as a financial center and mobilize more growth capital (Section 29 of the growth initiative):

• Improvement of the tax framework for investments in venture capital, in particular through (1.) adjustments to the taxation of investments in commercial partnerships by funds that fall under the Investment Tax Act, and (2.) adjustments to the taxation of profits from the sale of holdings in corporations when these are reinvested (“roll-over”);
• Possibility of English-language prospectuses with a summary, thereby facilitating the EU-wide distribution of securities.

In order to make the framework conditions for top earners in the financial sector more flexible, the protection against dismissal for very high-income earners in the financial sector will also be relaxed by extending the existing regulations for risk takers in systemically important banks to non-systemically important banks as well as insurance companies, securities institutions and investment companies (section 36 of the Growth Initiative).

The proposed new investment tax regulation is intended to remove obstacles to investments in infrastructure and renewable energies. Amendments to the Investment Tax Act and the Capital Investment Code will create a legally secure investment framework for investments in renewable energies and infrastructure. These measures to strengthen the fund location are also intended to facilitate investments in venture capital. For this purpose, investment funds and special investment funds will in future be allowed to invest in commercial venture capital funds to an essentially unlimited extent.

The draft law also contains further measures, in particular to improve the financing conditions of companies and to reduce bureaucracy, which were identified in the context of practical tests and exchange formats with affected stakeholders such as the Federal Financial Supervisory Authority (BaFin) and the business community. The measures to reduce bureaucracy focus on requirements where the bureaucratic burden for companies does not correspond with adequate knowledge gain for BaFin, such as the abolition of the employee and complaints register at BaFin, the restriction of the requirement to submit a certificate of compliance with the supervisory requirements for non-listed derivatives (OTC derivatives) to the companies that are relevant from a risk perspective, and an increase in the reporting thresholds for million-euro loan reporting from 1 to 2 million euros.

On 15 January 2025, the Federal Financial Supervisory Authority (BaFin) published  circular no 01/2025 on adopting the European Banking Authority’s (EBA’s) guidelines on the simple, transparent and standardised (STS) criteria for balance sheet securitisations.

The circular relates to specifying the STS criteria set out in Articles 26b to 26e of Regulation (EU) No 2017/2402 for balance sheet securitisations and amending Guidelines EBA/GL/2018/08 and EBA/GL/2018/09 for ABCP securitisations and for non-ABCP securitisations.

With this circular, BaFin is in line with its declaration to the EBA that it intends to comply with the aforementioned guidelines by 15 January 2025.

On 20 January 2025, the Irish Funds Industry Association (Irish Funds) published a Members’ Perspective: Siobhan Moran, CACEIS.

Siobhan Moran, Head of Client Coverage Ireland, CACEIS, highlights the essence of collaboration within the Irish Funds industry, bringing members together to drive positive change. The industry’s strong cooperative spirit ensures collective progress and improvement.

On 8 January 2025, the Senato della Repubblica published Draft legislative decree laying down provisions for the adaptation of national legislation to the provisions of Regulation (EU) 2022/2554 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011, and for the transposition of Directive (EU) 2022/2556 amending Directives 2009/65/EC, 2009/138/EC, 2011/61/EC, 2013/36/EU, 2014/59/EU, 2014/65/EU, (EU) 2015/2366 and (EU) 2016/2341 as regards digital operational resilience for the financial sector.

The legislative decree presented on the proposal of the Minister for European Affairs, the South, Cohesion Policies and the PNRR and the Minister of Economy and Finance consists of 14 articles, divided as follows:

Chapter I: 'General provisions';

Chapter II: 'Competent authorities and cooperation';

Chapter III: "Provisions applicable to financial intermediaries and Bancoposta";

Chapter IV: 'Supervisory powers and sanctions';

Chapter V: "Amendments and additions to the sectoral legislation and coordination

provisions";

Chapter VI: 'Final provisions'.

The Banca d'Italia is designated as the competent authority.

The administrative fines vary depending on the type of the financial entity. Additionally, penalties for persons involved in administrative, directorial, or controlling functions who commit violations can range up to €5 million, depending on the specific violation. There are also provisions for temporary or permanent cessation of practices contrary to regulations and additional sanctions such as banning from certain functions for periods between six months and three years.

There will be a focus on cooperation between the competent DORA authorities and other relevant structures and authorities instituted under the NIS2 Directive, particularly the National Cybersecurity Agency. This will involve operational and informational coordination regulated by one or more memoranda of understanding.

On 23 January 2025, the Commissione Nazionale per le Società e la Borsa (CONSOB) published a Notice on oversight cooperation and exchange of information between the European Supervisory Authorities (ESAs) and competent authorities under Regulation (EU) 2022/2554 (DORA). 

Consob has notified ESMA, pursuant to Regulation (EU) No. 1095/2010, of compliance with the Joint Guidelines of the European Supervisory Authorities (ESAs) "Joint Guidelines on oversight cooperation and exchange of information between European Supervisory Authorities (ESAs) and competent authorities pursuant to Regulation (EU) 2022/2554 (DORA)" (JC/GL/2024/36).

The Guidelines, addressed to the competent authorities for the supervision of entities identified by Article 2 of Regulation (EU) 2022/2554 (DORA), provide guidance on the cooperation between the ESAs and the competent authorities concerning the procedures and conditions for the allocation and execution of tasks between the competent authorities and the ESAs and the exchanges of information necessary to ensure the follow-up of recommendations addressed to third-party providers critical of ICT services under the Critical Third Party Provider (CTPP) surveillance framework established by the DORA Regulation.

On 17 January 2025, the Banca d'Italia published Communication on ICT security. 

The data relating to the reporting of serious operational or security incidents, as reported in the Bank of Italy's recent analysis document "Digital resilience in the Italian financial sector: evidences from the supervisory incident reporting framework", indicate that in the last three years there has been an increase in reports of both operational and cyber incidents (for the latter the increase was greater in 2023).

 The recently published documents include:

• A notice addressed to intermediaries under direct supervision, highlighting ICT security requirements. These intermediaries include non-significant banks, investment firms, managers, payment institutions, electronic money institutions, issuers of asset-linked tokens, cryptoasset service providers, and crowdfunding service providers. They are required to evaluate their adherence to the Digital Operational Resilience Act (DORA) and conduct a self-assessment of their ICT risk management frameworks. The results must be submitted to the supervisory body by 30 April 2025.
• Instructions for financial entities on how to report significant ICT incidents and major cyber threats via the INFOSTAT platform.
• Guidance on the responsibilities of the ICT risk control function. This includes mandatory reporting of ICT service contracts that support key functions, obligations to report severe ICT incidents and cyber threats, and requirements for performing threat-led penetration tests.
• A notification of the Bank of Italy’s commitment to comply with the joint guidelines from the European Supervisory Authorities (ESAs) (JC/GL/2024/36). These guidelines emphasize the need for cooperation and information exchange between the ESAs and NCAs.

On 10 January 2025, the Banca d'Italia announced Agreement for the implementation of an Instant Payment System in the Western Balkans.

The collaboration agreement provides for the Bank of Italy to provide a system for instant payments based on a twin of the TIPS service, the European platform for the real-time settlement of instant payments designed, implemented and managed by the Bank of Italy on behalf of the Eurosystem. The initiative, approved by the Governing Council of the European Central Bank, has been joined by Albania, Bosnia and Herzegovina, Kosovo and Montenegro (North Macedonia reserves the right to join in the near future).

The new platform, which will be operational within 18 months of the start of work - scheduled for the next few weeks - will allow payments to be made in all currencies of the participating countries. Additional features will be developed after the initial implementation phase. The platform will also make it possible to establish a bilateral connection for the settlement of payments between the area served by TIPS and the Western Balkan area, through a technologically advanced and low-cost solution.

The signing of the Letter of Intent represents an important step in the path of integration of the Western Balkan countries with the financial system of the European Union.

On 21 January 2025, the Banca d'Italia published Consultation on Update of statistical and supervisory reporting of UCIs.

The consultation is aimed at collecting comments and observations on the regulatory changes made to Circulars no. 189 and 154. 

Observations and comments may be submitted until 20 February 2025 of the publication of this consultation document on the Bank of Italy's website, by certified email or in paper form.

The following regulatory changes are subject to public consultation: 

• Draft of the 24th update of Circular no. 189 of 21 October 1993, "Manual of Statistical and Supervisory Reporting for Undertakings for Collective Investment Undertakings"; 
• Draft of the 77th update of Circular No. 154 of 22 November 1991, "Supervisory reporting of credit and financial institutions. Detection schemes and instructions for the forwarding of information flows".

The amendments are aimed at implementing: 

• the new information requests provided for by Regulation (EU) 2024/1988 of the European Central Bank on statistics on investment funds; 
• the measures introduced by Law No. 21 of 5 March 2024 (the so-called Capital Law) simplifying the supervisory regime on Variable Capital Investment Companies (Le Società di Investimento a Capitale Variabile - SICAVs) and Fixed Capital Investment Company (Società di investimento a capitale fisso – SICAFs) under external management, already disclosed to the system with the Communication of 30 October 2024. 

From a technical point of view, the format for exchanging reports of UCIs is modified, moving from the one currently in force (so-called PUMA) to the XML format.

This consultation is of particular interest to: 

• asset management companies and managers of AIFs; ii) trade associations, which can represent the requests of their members; 
• any other person or organisation that may have an interest in providing the Bank of Italy with observations and food for thought on the regulatory scheme submitted for public consultation.

One of the main innovations introduced by the Regulation is the request for certain information with a high level of granularity. In particular, information on the securities in the UCI's portfolio is requested, detailed by ISIN code - security by security - on a monthly basis, as well as specific requests relating to securities without an ISIN code.

The signage changes come into force from the reference date of 31 December 2025. 

On 25 January 2025, the Commissione Nazionale per le Società e la Borsa (CONSOB) published Resolution no. 23352 on Determination of the contribution due for the year 2025, pursuant to art. 40 of Law no. 724/1994. 

The subjects are required to pay to Consob, for the financial year 2025, an amount called the "supervisory fee" determined in the measures shown in the same table. It apples, inter alia, to banks, IFMs and investment companies.

The deadline for the payment is the 15th of April 2025. 

Failure to pay the contribution within the established deadline will result in the initiation of the compulsory collection procedures and the application of interest on late payment to the legal extent.

On 15 January 2025, the Jersey Financial Services Commission (JFSC) announced 2025 regulatory fee collection began. 

On 6 December, JFSC  published their 2025 Fee Notices, effective from 1 January 2025. JFSC will begin issuing invoices to collect annual regulatory fees. If necessary, JFSC will request information required to calculate the fee in line with the applicable fees notice.

JFSC terms for paying invoices or providing fee information are 30 days from date of request.

On 16 January 2025, the Luxembourg Government complies with the rules of Pillar Two of the OECD/G20 Inclusive Framework.

This framework establishes a minimum tax rate of 15% for multinational enterprises with a revenue threshold of at least 750 million euros. Luxembourg integrated this directive into national law on 23 December 2023, and further updated it on 20 December 2024, to align with the OECD/G20 guidelines. The transitory qualifications will continue to apply until the complete legislative qualification process is finalized, ensuring legal certainty and predictability for affected business groups. The OECD has published a list of jurisdictions, including Luxembourg, that have already implemented the Pillar 2 framework in compliance with the collective guidelines and standards. The communiqué underscores Luxembourg's commitment to international tax compliance and its proactive steps to meet the evolving global tax standards set by the OECD/G20 Inclusive Framework.

Version française

Le 16 janvier 2025, le gouvernement luxembourgeois se conforme aux règles du deuxième pilier du Cadre inclusif OCDE/G20.

Ce cadre établit un taux d'imposition minimum de 15 % pour les entreprises multinationales dont le seuil de revenus est d'au moins 750 millions d'euros. Le Luxembourg a intégré cette directive dans sa législation nationale le 23 décembre 2023, et l'a mis à jour le 20 décembre 2024, pour s'aligner sur les lignes directrices de l'OCDE/G20. Les qualifications transitoires continueront de s'appliquer jusqu'à ce que le processus complet de qualification législative soit finalisé, garantissant ainsi la sécurité juridique et la prévisibilité pour les groupes d'entreprises concernés. L'OCDE a publié une liste de juridictions, dont le Luxembourg, qui ont déjà mis en œuvre le cadre du Pilier 2 conformément aux lignes directrices et normes collectives. Le communiqué souligne l'engagement du Luxembourg en faveur de la conformité fiscale internationale et ses mesures proactives pour respecter l'évolution des normes fiscales mondiales fixées par le Cadre inclusif OCDE/G20.

The CSSF Circular Letter on Financial Crime, dated 28 January 2025, addresses the annual online questionnaire for the year 2024 that aims to collect standardized key information regarding ML/TF risks faced by supervised professionals. This questionnaire is part of the CSSF's ongoing assessment and risk-based supervision approach for AML/CFT. The entities required to complete this questionnaire include credit institutions, investment firms, investment fund managers, payment institutions, CASPs, specialized professionals of the financial sector, and central securities depositories incorporated under Luxembourg law, as well as their Luxembourg branches.

Key changes to this year's questionnaire include the removal, addition, or amendment of some questions, with the updated questions indicated within the questionnaire. Entities must submit their responses via the CSSF eDesk platform by 4 April 2025. The questionnaire can be pre-populated using an API solution that implements a structured exchange file in JSON format sent via S3 protocol, though manual input within the eDesk platform is also possible. It is the responsibility of the compliance officer or the person responsible for compliance to ensure the questionnaire is accurately completed; they may delegate the task to another employee or third party provided the ultimate responsibility remains with them. All supervised entities must ensure they have an active eDesk account to avoid connection issues when the questionnaire is launched.

Version française

La lettre circulaire de la CSSF sur la criminalité financière, datée du 28 janvier 2025, traite du questionnaire annuel en ligne pour l'année 2024 qui vise à collecter des informations clés standardisées concernant les risques de blanchiment de capitaux et de financement du terrorisme auxquels sont confrontés les professionnels assujettis. Ce questionnaire fait partie de l'approche d'évaluation continue et de surveillance basée sur les risques de la CSSF en matière de lutte contre le blanchiment et le financement du terrorisme. Les entités tenues de remplir ce questionnaire sont les établissements de crédit, les entreprises d'investissement, les gestionnaires de fonds d'investissement, les établissements de paiement, les CASP, les professionnels spécialisés du secteur financier et les dépositaires centraux de titres de droit luxembourgeois, ainsi que leurs succursales luxembourgeoises.

Les principaux changements apportés au questionnaire de cette année comprennent la suppression, l'ajout ou la modification de certaines questions, les questions mises à jour étant indiquées dans le questionnaire. Les entités doivent soumettre leurs réponses via la plateforme CSSF eDesk avant le 4 avril 2025. Le questionnaire peut être pré-rempli à l'aide d'une solution API qui met en œuvre un fichier d'échange structuré au format JSON envoyé via le protocole S3, bien qu'une saisie manuelle au sein de la plateforme eDesk soit également possible. Il incombe au responsable de la conformité ou à la personne chargée de la conformité de s'assurer que le questionnaire est correctement rempli ; ils peuvent déléguer cette tâche à un autre employé ou à un tiers, à condition que la responsabilité finale leur incombe. Toutes les entités contrôlées doivent s'assurer qu'elles disposent d'un compte eDesk actif afin d'éviter les problèmes de connexion lorsque le questionnaire est rempli. 

On 14 January 2025, the Commission de Surveillance du secteur financier (CSSF) published a new eDesk procedure on the Self-assessment questionnaire professional depositaries of assets other than financial instruments (PDAOFI).

In the context of the introduction of new means of communication for requests and reporting by PFS, the self-assessment questionnaire PDAOFI must be transmitted on an annual basis to the CSSF in electronic form via:

• A dedicated eDesk procedure
• An API solution based on the submission of the report via the S3 protocol.

A user guide detailing the submission procedures for this reporting is available on our website. The reporting is applicable to all depositaries for Luxembourg-domiciled UCIs under Art. 26-1 of the Law of 5 April 1993 on the financial sector, as amended. The reporting replaces the list of information on the depositary function that must be kept up-to-date and provided to the CSSF on an annual basis, as detailed in Annex 1 of Circular CSSF 18/697. The reference date for the data reported is 31 December 2024 and the submission should be received by 31 March 2025.

Version française

Le 14 janvier 2025, la Commission de Surveillance du secteur financier (CSSF) a publié une nouvelle procédure eDesk concernant le questionnaire d'auto-évaluation des dépositaires professionnels d'actifs autres que des instruments financiers (PDAOFI).

Dans le cadre de l'introduction de nouveaux moyens de communication pour les demandes et le reporting des PSF, le questionnaire d'auto-évaluation PDAOFI doit être transmis annuellement à la CSSF sous forme électronique via :

• une procédure eDesk dédiée
• une solution API basée sur la soumission du rapport via le protocole S3.

Un guide d'utilisation détaillant les procédures de soumission pour ce reporting est disponible sur notre site web. Le reporting est applicable à tous les dépositaires d'OPC domiciliés au Luxembourg en vertu de l'art. 26-1 de la loi du 5 avril 1993 relative au secteur financier, telle que modifiée. Le reporting remplace la liste des informations relatives à la fonction de dépositaire qui doivent être tenues à jour et fournies à la CSSF sur une base annuelle, telle que détaillée dans l'annexe 1 de la circulaire CSSF 18/697. La date de référence pour les données rapportées est le 31 décembre 2024 et la soumission doit être reçue au plus tard le 31 mars 2025.

BACKGROUND

As of 17 January 2025, Financial Entities subject to DORA are required to notify major ICT-related incidents and significant cyber threats via a new dedicated procedure encompassing two different notification forms, available in eDesk, following the process already in place for reporting incidents under Circular CSSF 24/847:

• through the dedicated procedure “DORA Major ICT-related incident and significant cyber threat notification” available on the CSSF eDesk Portal (edesk.apps.cssf.lu); or
• via the API interface (S3) provided by the CSSF.

The CSSF is also required to submit the register of information by 30 April 2025 to the European Supervisory Authorities (ESAs)2. The reference date of the register for the first year of submission is 31 March 20253.

WHAT'S NEW?

The CSSF press release, published on 15 January 2025, outlines the entry into application of the DORA effective 17 January 2025. The CSSF reminds Financial Entities that DORA requirements and its regulatory technical standards take precedence over overlapping elements in CSSF Circulars, specifically in Circulars CSSF 20/750 on ICT and security risk management, CSSF 22/806 on ICT outsourcing arrangements, and CSSF 24/847 on ICT-related incident reporting.

The CSSF reminds Financial Entities of the previously published press release of 5 December 2024 in which Financial Entities were urged to (1) ensure that they have an LEI code to be able to submit their required reporting, and (2) create the specific eDesk role of “IT incident notifier” to be able to submit the incidents via eDesk. It is imperative that these elements are in place to be able to fulfil the reporting obligations as of 17 January 2025. 

Financial Entities intending to outsource the reporting obligations to a third party shall inform the CSSF prior to the first notification or reporting and at the latest as soon as the outsourcing arrangement has been concluded. In this regard, the following details must be provided to ictrisksupervision@cssf.lu:

• Name, contact details and an identification code of the third party that will submit the notifications on behalf of the Financial Entity;
• Name, contact details and the related function of the persons at the third party to whom the role of the “IT incident notifier” will be assigned in eDesk.

The CSSF informs Financial Entities and third parties that, after having carefully evaluated the conditions of Article 7, no aggregated reporting by third party providers is permitted for the time being. 

The new procedure replaces previous reporting processes, including the eDesk procedure for major ICT-related incidents, PSD2 major incident reporting, and reporting of significant cyber incidents to the ECB and CSDs.

Financial Entities are also required to submit their register of information to the CSSF from 1 April 2025 to 15 April 2025 via eDesk, ahead of the ESAs deadline. Submitted registers will be subject to certain validation checks by the CSSF between 15 and 30 April 2025. In case errors are detected, the submitting Financial Entity will be invited to fix the detected errors and re-submit its register before 30 April 2025. During the month of May 2025, the ESAs will perform additional checks. Should they detect additional errors and consequently refuse the register on their side, the submitting Financial Entity must fix the detected errors and re-submit its register to the CSSF, which will then communicate the re-submitted register to the ESA. The CSSF highlights that the register of information must be submitted in plain CSV format.

WHAT'S NEXT?

The existing user guide on Major ICT-related incidents, available in eDesk, will be updated accordingly and available as at this date to help Financial Entities with the submission of their notifications.

The ESAs and the CSSF are proceeding with the updates of relevant texts (Guidelines and circulars), which will be published in due course. 

Version française

BACKGROUND

À partir du 17 janvier 2025, les entités financières soumises à DORA sont tenues de notifier les incidents majeurs liés aux TIC et les cybermenaces significatives via une nouvelle procédure dédiée comprenant deux formulaires de notification différents, disponibles dans eDesk, en suivant le processus déjà en place pour la notification des incidents en vertu de la circulaire CSSF 24/847 :

• via la procédure dédiée « DORA Incident majeur lié aux TIC et notification de cybermenace importante » disponible sur le portail eDesk de la CSSF (edesk.apps.cssf.lu) ; ou
• via l'interface API (S3) fournie par la CSSF.

La CSSF est également tenue de soumettre le registre d'informations pour le 30 avril 2025 aux autorités européennes de surveillance (AES)2. La date de référence du registre pour la première année de soumission est le 31 mars 20253.

WHAT'S NEW?

Le communiqué de presse de la CSSF, publié le 15 janvier 2025, présente l'entrée en application de DORA à partir du 17 janvier 2025. La CSSF rappelle aux Entités Financières que les exigences de DORA et ses normes techniques réglementaires prévalent sur les éléments qui se chevauchent dans les Circulaires de la CSSF, notamment dans les Circulaires CSSF 20/750 sur la gestion des risques liés aux TIC et la sécurité, CSSF 22/806 sur les accords d'externalisation des TIC, et CSSF 24/847 sur la déclaration des incidents liés aux TIC.

La CSSF rappelle aux entités financières le communiqué de presse du 5 décembre 2024 dans lequel les entités financières ont été invitées à (1) s’assurer qu’elles disposent d’un code identifiant LEI pour pouvoir soumettre la notification requise, et (2) créer le rôle spécifique de « IT incident notifier » (notificateur d’incidents informatiques) sous eDesk pour pouvoir soumettre les incidents via eDesk. Il est impératif que ces éléments soient en place pour pouvoir remplir les obligations de notification à partir du 17 janvier 2025.

Les entités financières qui ont l’intention d’externaliser leurs obligations de notification à un tiers doivent en informer la CSSF avant la première notification ou déclaration et au plus tard dès que l’accord d’externalisation a été conclu. À cet égard, les informations suivantes doivent être fournies à ictrisksupervision@cssf.lu :

• le nom, les coordonnées et le code d’identification du tiers qui soumettra les notifications pour le compte de l’entité financière ;
• le nom, les coordonnées et la fonction des personnes agissant en qualité de tiers auxquelles le rôle de « IT incident notifier » sera attribué dans eDesk.

La CSSF informe les entités financières et les tiers que, après avoir soigneusement évalué les conditions de l’article 7, aucune notification agrégée par des fournisseurs tiers n’est autorisée pour le moment.

La nouvelle procédure remplace les processus de déclaration précédents, y compris la procédure eDesk pour les incidents majeurs liés aux TIC, le rapport de gros incidents PSD2, et les rapports d'incidents cybernétiques significatifs à la BCE et aux DCT.

Les registres soumis feront l’objet de certains contrôles de validation par la CSSF entre le 15 et le 31 avril 2025. Si des erreurs sont détectées, l’entité financière concernée sera invitée à corriger les erreurs détectées et à soumettre à nouveau son registre avant le 30 avril 2025.

Au cours du mois de mai 2025, les AES effectueront des contrôles supplémentaires. Si elles détectent des erreurs supplémentaires et refusent par conséquent le registre de leur côté, l’entité financière qui a soumis le registre doit corriger les erreurs détectées et soumettre à nouveau son registre à la CSSF, qui le communiquera ensuite aux AES. La CSSF souligne que le registre des informations doit être soumis en format CSV simple.

WHAT'S NEXT?

Le guide de l’utilisateur sur les incidents majeurs liés aux TIC, disponible sur eDesk, sera mis à jour en conséquence et disponible à cette date afin d’aider les entités financières à soumettre leurs notifications.

Les AES et la CSSF procèdent actuellement à la mise à jour des textes pertinents (Orientations et circulaires), qui seront publiés en temps utile. 

On 2 January 2025, the Commission de Surveillance du secteur financier (CSSF) updated the FAQ on the Luxembourg Law of 17 December 2010 relating to UCI.

Changes were made to questions 1.16, 7.6 and 11.4 to reflect new regulatory requirements and clarify existing guidelines. These changes aim to ensure that investment funds comply with the latest rules on investment practices, delegation to third parties, and public-interest entities. The updates provide detailed guidance on handling specific scenarios related to these topics, helping UCITS and other related entities adhere to the regulatory framework set by the CSSF.

Version française

Le 2 janvier 2025, la Commission de Surveillance du secteur financier (CSSF) a mis à jour la FAQ sur la loi luxembourgeoise du 17 décembre 2010 relative aux OPC.

Des modifications ont été apportées aux questions 1.16, 7.6 et 11.4 pour refléter les nouvelles exigences réglementaires et clarifier les lignes directrices existantes. Ces changements visent à garantir que les fonds d'investissement respectent les dernières règles en matière de pratiques d'investissement, de délégation à des tiers et aux entités d'intérêt public. Les mises à jour fournissent des conseils détaillés sur la gestion de scénarios spécifiques liés à ces sujets, aidant ainsi les OPCVM et autres entités liées à adhérer au cadre réglementaire défini par la CSSF.

On 8 January 2025, the Commission de Surveillance du secteur financier (CSSF) updated the FAQ concerning Circular CSSF 24/856 concerning the protection of investors in case of a NAV calculation error, an instance of non-compliance with the investment rules, and other errors at UCI level.

C. Do non-compliance issues with Weighted Average Life (“WAL”) and Weighted Average Maturity (“WAM”) limits fall within the scope of Circular CSSF 24/856?

Yes.

D. Do non-compliance issues with the daily and weekly minimum liquidity thresholds fall within the scope of Circular CSSF 24/856?

Yes.

Version française

Le 8 janvier 2025, la Commission de Surveillance du secteur financier (CSSF) a mis à jour la FAQ concernant la circulaire CSSF 24/856 relative à la protection des investisseurs en cas d'erreur de calcul de la VNI, de non-respect des règles d'investissement et d'autres erreurs au niveau des OPC.

C. Les problèmes de non-conformité avec les limites de durée de vie moyenne pondérée (« WAL ») et d'échéance moyenne pondérée (« WAM ») relèvent-ils du champ d'application de la circulaire CSSF 24/856 ?

Oui.

D. Les problèmes de non-conformité aux seuils minimums de liquidité journaliers et hebdomadaires relèvent-ils du champ d'application de la circulaire CSSF 24/856 ?

Oui.

On 9 January 2025, the Commission de Surveillance du secteur financier (CSSF) updated Circular CSSF 25/870 amending Circular CSSF 24/853 on the revised long form report for investment firms.

The purpose of this circular is to amend Circular CSSF 24/853 on the revised long form report (revised LFR) by enlarging its scope of application for the financial year ending 31 December 2024 compared to 31 December 2023. Whereas, for the financial year ending 31 December 2023, the revised LFR was applicable only to a sample of investment firms, namely (i) all non-SNI (small and non-interconnected) IFR investment firms incorporated under Luxembourg law, including their branches and (ii) certain SNI IFR investment firms incorporated under Luxembourg law, including their branches, the requirements with regard to the revised LFR now apply to all investment firms for the financial year ending 31 December 2024. 

However, considering the principle of proportionality, the CSSF introduces a reduced scope of the requirements for the investment firms that are subject to the provisions of Circular CSSF 24/853 for the first time as from the year ending 31 December 2024, as regards the reports to be prepared by their réviseur d’entreprises agréé. These investment firms (the Partial Scope IF) are exempted from the requirement to submit the Agreed Upon Procedure (AUP) reports as part of their revised LFR. 

However, the report on the protection of financial instruments and funds belonging to clients to be produced in accordance with the Grand-ducal Regulation of 30 May 2018 and the report on AML/CFT based on Articles 49(2) and 49(3) of CSSF Regulation No 12-02 of 14 December 2012 are mandatory for all investment firms and shall therefore also be submitted by these investment firms. 

Finally, certain investment firms may be exempted by the CSSF from this Circular notably where the requirements would represent an undue burden, in consideration of their specific and exceptional situation (e.g. investment firms that have announced the winding down of their operations). These investment firms remain subject to Circular CSSF 03/113.

Version française

Le 9 janvier 2025, la Commission de Surveillance du secteur financier (CSSF) a mis à jour la circulaire CSSF 25/870 modifiant la circulaire CSSF 24/853 relative au rapport complet révisé pour les entreprises d'investissement.

Cette circulaire a pour objet de modifier la circulaire CSSF 24/853 relative au rapport complet révisé (RCL révisé) en élargissant son champ d'application pour l'exercice social se clôturant le 31 décembre 2024 par rapport au 31 décembre 2023. Alors que, pour l'exercice clos le 31 décembre 2023, le LFR révisé n'était applicable qu'à un échantillon d'entreprises d'investissement, à savoir (i) toutes les entreprises d'investissement IFR non SNI (petites et non interconnectées) de droit luxembourgeois, y compris leurs succursales et (ii) certaines entreprises d'investissement IFR SNI de droit luxembourgeois, y compris leurs succursales, les exigences relatives au LFR révisé s'appliquent désormais à toutes les entreprises d'investissement pour l'exercice clos le 31 décembre 2024. 

Toutefois, compte tenu du principe de proportionnalité, la CSSF introduit un champ d'application réduit des exigences pour les entreprises d'investissement qui sont soumises aux dispositions de la circulaire CSSF 24/853 pour la première fois à partir de l'exercice se terminant le 31 décembre 2024, en ce qui concerne les rapports à préparer par leur réviseur d'entreprises agréé. Ces entreprises d'investissement (IF à champ d'application partiel) sont exemptées de l'obligation de soumettre les rapports de procédure agréée (AUP) dans le cadre de leur LFR révisée.

Toutefois, le rapport sur la protection des instruments financiers et des fonds appartenant aux clients à produire conformément au règlement grand-ducal du 30 mai 2018 et le rapport sur la lutte contre le blanchiment et le financement du terrorisme basé sur les articles 49 (2) et 49 (3) du règlement CSSF n° 12-02 du 14 décembre 2012 sont obligatoires pour toutes les entreprises d'investissement et doivent donc également être soumis par ces entreprises d'investissement. 

Enfin, certaines entreprises d'investissement peuvent être exemptées par la CSSF de la présente circulaire, notamment lorsque les exigences représenteraient une charge excessive, compte tenu de leur situation spécifique et exceptionnelle (par exemple les entreprises d'investissement qui ont annoncé la cessation de leurs activités). Ces entreprises d'investissement restent soumises à la circulaire CSSF 03/113.

On 15 January 2025, the Commission de Surveillance du secteur financier (CSSF) published Circular CSSF-CPDI 25/44 on the mode of transmission of the annual survey on covered claims in connection with investment business, previously in Excel format.

The CSSF circular addresses all credit institutions and investment firms incorporated under Luxembourg law, branches of non-EU credit institutions and investment firms, UCITS management companies, and alternative investment fund managers authorised for discretionary portfolio management. 

Starting from 20 January 2025, the ICS yearly reporting on covered claims in connection with investment business shall soon be submitted to the CSSF through the following means of communication:

• a dedicated eDesk procedure within the eDesk platform;
• an API solution based on automated report submission (S3 protocol).

Additionally, it clarifies the terms related to the identification and indemnification of accounts for the Système d'indemnisation des investisseurs Luxembourg (SIIL, Investor Compensation Scheme Luxembourg) guarantee, incorporating modifications from Circular CSSF-CPDI 23/35 to CSSF-CPDI 16/02 on deposit guarantee and investor compensation scopes. 

Circular CSSF-CPDI 16/03 is updated as per the annex that includes tracked changes for easier comprehension. 

Finally, Circular CSSF-CPDI 17/07 is repealed.

Version française

Le 15 janvier 2025, la Commission de Surveillance du secteur financier (CSSF) a publié la circulaire CSSF-CPDI 25/44 relative au mode de transmission de l'enquête annuelle sur les créances couvertes dans le cadre d'opérations d'investissement, précédemment sous format Excel.

La circulaire de la CSSF s'adresse à tous les établissements de crédit et entreprises d'investissement de droit luxembourgeois, aux succursales d'établissements de crédit et entreprises d'investissement non communautaires, aux sociétés de gestion d'OPCVM et aux gestionnaires de fonds d'investissement alternatifs agréés pour la gestion discrétionnaire de portefeuilles. 

A partir du 20 janvier 2025, le rapport annuel de l'ICS sur les sinistres couverts liés aux activités d'investissement sera bientôt soumis à la CSSF par les moyens de communication suivants :

• une procédure eDesk dédiée au sein de la plateforme eDesk ;
• une solution API basée sur la soumission automatisée de rapports (protocole S3).

En outre, elle clarifie les termes relatifs à l'identification et à l'indemnisation des comptes pour la garantie du Système d'indemnisation des investisseurs Luxembourg (SIIL), en intégrant les modifications des circulaires CSSF-CPDI 23/35 à CSSF-CPDI 16/02 sur les champs d'application de la garantie des dépôts et de l'indemnisation des investisseurs. 

La circulaire CSSF-CPDI 16/03 est mise à jour conformément à l'annexe qui reprend les modifications suivies pour une meilleure compréhension. 

Enfin, la circulaire CSSF-CPDI 17/07 est abrogée.

On 10 January 2025, the Commission de Surveillance du secteur financier (CSSF) published a press rekease on the CSRD and ESRS.

The notice specifically targets investment fund managers subject to CSSF Circular 18/698, excluding Luxembourg branches of investment fund managers under Chapter 17 of the December 17, 2010 law on undertakings for collective investment. It also applies to registered AIFMs under Article 3, paragraph 2 of the July 12, 2013 law on alternative investment fund managers as well as their approved statutory auditors (REA).

The directive, which became effective on 1 January 2024 with initial reporting impacts expected in 2025, mandates that sustainability reports be included in a dedicated section of the management report and verified by an REA. Luxembourg is in the process of transposing the CSRD into national law under Bill No. 8370. The CSSF highlights that investment fund managers and registered AIFMs are likely within the scope of this new regulation. Entities are advised to consult the CSSF website for further information on CSRD and determine their applicability immediately, collaborating with their REA.

Moreover, non-listed subsidiaries of an EEA-based parent company included in the parent company's sustainability report may be exempt from preparing their own report, provided certain conditions are met. However, subsidiaries of third-country parent companies must adhere to ESRS or equivalent standards to qualify for exemption. The CSSF also mentions that support measures, including training programs on CSRD and ESRS, are available to businesses through organizations like the Chamber of Commerce.

Version française

Le 10 janvier 2025, la Commission de Surveillance du secteur financier (CSSF) a publié un communiqué de presse sur le CSRD et l'ESRS.

L'avis vise spécifiquement les gestionnaires de fonds d'investissement soumis à la circulaire CSSF 18/698, à l'exclusion des succursales luxembourgeoises de gestionnaires de fonds d'investissement au sens du chapitre 17 de la loi du 17 décembre 2010 concernant les organismes de placement collectif. Elle s'applique également aux gestionnaires de fonds d'investissement alternatifs enregistrés en vertu de l'article 3, paragraphe 2 de la loi du 12 juillet 2013 relative aux gestionnaires de fonds d'investissement alternatifs, ainsi qu'à leurs réviseurs d'entreprises agréés (REA).

La directive, qui est entrée en vigueur le 1er janvier 2024 et dont les premiers effets sur les rapports sont attendus en 2025, exige que les rapports de développement durable soient inclus dans une section dédiée du rapport de gestion et vérifiés par un REA. Le Luxembourg est en train de transposer la CSRD en droit national dans le cadre du projet de loi n° 8370. La CSSF souligne que les gestionnaires de fonds d'investissement et les gestionnaires de fonds alternatifs enregistrés sont susceptibles d'entrer dans le champ d'application de cette nouvelle réglementation. Il est conseillé aux entités de consulter le site web de la CSSF pour plus d'informations sur la CSRD et de déterminer leur applicabilité immédiatement, en collaboration avec leur REA.

En outre, les filiales non cotées d'une société mère basée dans l'EEE qui sont incluses dans le rapport de durabilité de la société mère peuvent être exemptées de la préparation de leur propre rapport, à condition que certaines conditions soient remplies. Toutefois, les filiales de sociétés mères de pays tiers doivent adhérer à l'ESRS ou à des normes équivalentes pour bénéficier de l'exemption. La CSSF mentionne également que des mesures de soutien, y compris des programmes de formation sur le CSRD et l'ESRS, sont disponibles pour les entreprises par l'intermédiaire d'organisations telles que la Chambre de Commerce.

The CSSF publication on the Corporate Sustainability Reporting Directive (CSRD) and European Sustainability Reporting Standards (ESRS), released on 24 January 2025, highlights the new requirements for investment fund managers and registered AIFMs to comply with the CSRD. 

The directive mandates the publication of sustainability information, with a phased approach starting from 1 January 2024, and initial reports due in 2025. These sustainability reports must be included in a dedicated section of the management report and verified by an approved statutory auditor (REA).

The publication emphasizes that both listed and certain non-listed entities might fall under the CSRD's scope. Non-listed subsidiaries of companies established in third countries could be exempted if they are included in a consolidated sustainability report prepared by their parent company in accordance with ESRS or equivalent standards recognized by the European Commission. Entities are urged to evaluate their applicability to the CSRD and consult with their REA for compliance.

The communiqué also mentions support measures, such as training programs organized by the Chamber of Commerce, and provides contact emails for queries: gfi@cssf.lu for GFI and aifm_registration@cssf.lu for registered AIFMs.

Version française

La publication de la CSSF sur la directive relative à l'information sur le développement durable des entreprises (CSRD) et les normes européennes d'information sur le développement durable (ESRS), publiée le 24 janvier 2025, met en évidence les nouvelles exigences pour les gestionnaires de fonds d'investissement et les gestionnaires de fonds alternatifs enregistrés de se conformer à la CSRD.

La directive impose la publication d'informations en matière de développement durable, selon une approche progressive à partir du 1er janvier 2024, et des premiers rapports attendus en 2025. Ces rapports de développement durable doivent être inclus dans une section dédiée du rapport de gestion et vérifiés par un commissaire aux comptes agréé (REA).

La publication souligne que tant les entités cotées que certaines entités non cotées pourraient relever du champ d'application du CSRD. Les filiales non cotées d'entreprises établies dans des pays tiers pourraient être exonérées si elles sont incluses dans un rapport de développement durable consolidé préparé par leur société mère conformément à l'ESRS ou à des normes équivalentes reconnues par la Commission européenne. Les entités sont invitées à évaluer leur applicabilité au CSRD et à consulter leur REA pour vérifier leur conformité.

Le communiqué mentionne également des mesures de soutien, telles que des programmes de formation organisés par la Chambre de Commerce, et fournit des emails de contact pour toute question : gfi@cssf.lu pour GFI et aifm_registration@cssf.lu pour les AIFM enregistrés.

On 17 January 2025, Monaco publishes Ministerial Order No. 2025-4 of 16 January 2025 amending Ministerial Order No. 2021-703 of 8 November 2021 on the list of States or territories whose anti-money laundering, terrorist financing or corruption systems are strategically deficient, referred to in Article 14-1 of Law No. 1.362 of 3 August 2009, modified.

Article 2 is inserted after Article 1 of Ministerial Order No. 2021-703 of 8 November 2021, as amended, as referred to above, as follows:

"Article 2: Pursuant to Article 41 of Law No. 1.362 of August 3, 2009, as amended, referred to above, the reporting obligations of Chapter V of the said Law are extended to transactions and facts concerning natural or legal persons domiciled, registered or established in the territory of the Democratic People's Republic of Korea and the Islamic Republic of Iran."

On 16 January 2024, the Autoriteit Financiële Markten (AFM) published a press release on the publication of the AFM Agenta for 2025.

The AFM has observed that developments in the field of digitisation, sustainability and internationalisation are accelerating and have an increasing impact on the financial sector. These developments require the financial sector to adapt and policymakers and regulators to make adjustments. In the Netherlands, the pension transition remains an important factor. The AFM published its priorities and other supervisory activities for this year in its annual supervisory agenda . 

In a nutshell the dependence on big tech has a major impact on the financial sector and geopolitical tensions put international relations on edge.

Priorities for 2025 are:

• Agile and Learning Organization;
• Invest in employees;
• Protection of Consumers from the Downsides of Digitalization;
• Market Structure: Investigate and Address Commercial Incentives;
• Strengthening Cross-Border Market Abuse Supervision;
• Supervision of Digital Resilience and Compliance with European Requirements.

In January 2025, the Banco de España published Joint Guidelines on the oversight cooperation and information exchange between the European Supervisory Authorities (ESAs) and the competent authorities under the Digital Operational Resilience Act (Regulation (EU) 2022/2554 - DORA).

The ESAs issue these Guidelines based on Article 32(7) of DORA, for the purposes of Section II of Chapter V (Articles 31-44), which establishes the Oversight Framework of critical ICT third-party service providers. The ESAs shall issue guidelines on the cooperation between the ESAs and the competent authorities covering the detailed procedures and conditions for the allocation and execution of tasks between competent authorities and the ESAs; and the details on the exchanges of information which are necessary for competent authorities to ensure the follow–up of recommendations addressed to ICT third party service providers to financial entities designated as critical.

The ESAs published the English version of these Guidelines, as well as the Spanish version, on 6 November 2024. The Guidelines apply from 17 January 2025.

The Executive Commission of Banco de España, in its role of competent authority for the direct supervision of the less significant credit institutions, payment institutions and electronic money institutions, adopted these Guidelines as its own on 19 December 2024 and confirmed to the EBA the intention to comply with these Guidelines by 17 January 2025, except for paragraph 5.1 of the Guidelines, which adoption is considered by 30 April 2025, when necessary legislative or regulatory proceedings have been completed.

To the extent that DORA Regulation does not apply to specialized lending institutions, according to its Article 2, these Guidelines are also not applicable to them.

On 15 January 2025, the Comisión Nacional del Mercado de Valores (CNMV) updated its frequently asked questions (FAQs) on Collective Investments Schemes (CIS), private equity and other closed collective investment vehicles. 

This update addresses several regulatory questions:

• Investment by CIS in Securitisation Funds regulated by Law 5/2005 on the promotion of business financing.
• What aspects should the process for the selection and appointment of the depositary include in order to comply with the requirement that it be based on predefined objective criteria and attend exclusively to the interests of the UCITS and their investors (art. 22.1 of Delegated Regulation (EU) 2016/438?
• How are the obligations of the management companies interpreted as having been fulfilled in relation to the period of validity of the contract signed with the depositaries, which must be included therein in accordance with article 2.c) of Delegated Regulation (EU) 2016/438? Should the contracts include the conditions in the event of subrogation to a third party?

In January 2025, the Government published a consultation on draft Order regulating the lending of securities by Collective Investment Schemes (CIS).

Article 30.6 of Law 35/2003 of 4 November 2003 on Collective Investment Schemes establishes that the securities and other assets that make up the portfolio of collective investment schemes of a financial nature may be the subject of securities lending operations with the limits and guarantees established by the Minister of Economy. Commerce and Business.

Securities lending is an efficient portfolio management technique that consists of the temporary transfer of certain financial instruments by a lender to a policyholder or borrower, in exchange for other assets deposited as collateral and the payment of any fees that may be agreed.

The fundamental objective of this regulation is to enable the practice of securities lending to CIS, allowing them to offer higher returns to their unit-holders and shareholders, all without undermining the protection of investors and the security of their investments. To this end, the order develops the rules applicable to securities lending operations, establishes a system of guarantees on them, imposes internal control obligations for management companies, and, where appropriate, investment companies, and includes the obligations of the depositaries of lending institutions, which must ensure compliance with the rules applicable to securities lending.

The order is in line with the provisions of Article 51.2 of Directive 2009/65/EC of the European Parliament and of the Council of 13 July 2009 on the coordination of laws, regulations and administrative provisions relating to undertakings for collective investment in transferable securities (UCITS), which provides that Member States may authorise UCITS.

The order also takes into account the content of the European Securities Authority Guidelines and Markets (ESMA) on exchange-traded funds (ETFs) and other matters relating to UCITS (ESMA/2014/937ES) and Order EHA/888/2008 of 27 March 2008 on transactions of financial collective investment undertakings with derivative financial instruments and clarifying certain concepts of the Regulation of Law 35/2003 of 4 November, of collective investment schemes, approved by Royal Decree 1309/2005, of 4 November. Collective investment undertakings that carry out securities lending operations must in all cases comply with the rest of the obligations that apply to them and with the regulations on the operation of the securities markets.

Title I establishes the scope of application of securities lending operations for CIUs and the principles that should guide this practice. With regard to its scope of application, by virtue of Article 30.6 of Law 35/2003, of 4 November, on Collective Investment Schemes, the regulation authorises the lending of securities to collective investment schemes of a financial nature included in Chapter I of Title III of said Law, with the exception of hedge fund CIS, that they could already lend their values.

The regulation contains a repealing provision that expressly repeals the Order of the Ministry of Economy and Finance of 31 July 1991, on the transfer of securities on loan by collective investment undertakings and the regime of own resources, information and accounting of management companies of collective investment undertakings.

The first final provision contains the titles of competence by virtue of which the order is issued, corresponding to Article 149.1.6 of the Spanish Constitution with regard to commercial legislation and Article 149.1.11 with regard to the monetary system, foreign exchange, exchange and convertibility, bases of the regulation of credit, banking and insurance. The second final provision empowers the Comisión Nacional del Mercado de Valores (CNMV) to issue the necessary provisions on accounting and specific information requirements in relation to securities lending operations. Finally, the third final provision establishes the entry into force of the regulation on the day following its publication in the Official State Gazette.

The consultation deadline is 31 January 2025.

On 14 January 2025, the Eidgenössische Finanzmarktaufsicht (FINMA) published a report on mutual funds.

The report provides practical guidelines for the collective investment schemes' reporting by financial intermediaries. It outlines requirements for annual data submissions on exposure, leverage, liquidity, and counterparty risks managed by these funds. 

The report specifies that all mutual funds managed or administered in Switzerland, both foreign and domestic, must comply with these data collection regulations unless explicitly excluded by FINMA. 

The report emphasizes that the collected data aims to enhance supervisory quality. It details submission formats, including unique identifiers such as FINMA-ID and LEI, and clarifies that funds with net assets exceeding CHF 500 million are subject to this census. FINMA provides guidance on the technical implementation of the reporting and necessary updates to the structure and content of submitted reports.

Version française

Le 14 janvier 2025, l'Eidgenössische Finanzmarktaufsicht (FINMA) a publié un rapport sur les fonds communs de placement.

Le rapport fournit des lignes directrices pratiques pour le reporting des placements collectifs par les intermédiaires financiers. Il décrit les exigences relatives à la soumission annuelle de données sur l'exposition, l'effet de levier, la liquidité et les risques de contrepartie gérés par ces fonds. 

Le rapport précise que tous les fonds communs de placement gérés ou administrés en Suisse, tant étrangers que suisses, doivent respecter ces règles en matière de collecte de données, sauf exclusion expresse de la FINMA. 

Le rapport souligne que les données collectées visent à améliorer la qualité du contrôle. Il détaille les formats de soumission, y compris les identifiants uniques tels que FINMA-ID et LEI, et précise que les fonds dont la fortune nette dépasse 500 millions de francs suisses sont soumis à ce recensement. La FINMA fournit des conseils sur la mise en œuvre technique du reporting et les mises à jour nécessaires de la structure et du contenu des rapports soumis.

On 23 January 2025, the Financial Conduct Authority (FCA) published a report on money laundering through the markets.

The FCA updated its analysis on money laundering through the markets (MLTM) risk. 

Capital markets bring together buyers and sellers of stocks, bonds, currencies and other financial assets. MLTM is the use of capital markets to move criminally generated cash, so it appears legitimately generated. This threat is continually evolving.

To help firms better understand and mitigate the risk of MLTM, the FCA's report covers:

• examples of good and poor practice on enhancing systems, controls and training,
• practical case studies,
• detailed areas of focus for firms.

The FCA's findings are likely to be of interest to:

• all firms carrying out business related to capital markets,
• public bodies, firms and market participants responsible for assessing risk and setting strategy,
• money laundering reporting officers (MLROs),
• industry practitioners working in financial crime prevention,
• law enforcement.

The FCA reviewed the financial crime systems and controls at a sample of wholesale brokers to understand how firms are approaching:  

• business-wide and customer risk assessments (BWRA and CRA),  
• know your customer (KYC) and customer due diligence (CDD) checks,
• governance and oversight,
• transaction monitoring (TM),
• investigations and suspicious activity reports (SARs), 
• training.

The FCA focused its detailed firm reviews on wholesale broker firms. However, the findings in this report should be considered across wider markets and by other types of firms and business models.

The FCA expects firms to have robust financial crime systems and controls at each stage of the customer and transaction journey. This is essential to make sure there are no ‘weak links’ that expose participants and the overall transaction to financial crime.  Firms should:

• consider MLTM risk and reflect this in their BWRA and systems and controls,
• ensure they have firm and role specific MLTM staff training and awareness in place,
• consider how best to use TM as part of an integrated process of financial crime systems and controls, incorporating tailored TM controls and alerts. Encourage more collaboration between TM, trade surveillance (TS), front and middle office teams,
• ensure relevant teams are aware of the UKFIU MLTM SARs glossary code, are using it appropriately, and are submitting high-quality SAR reporting,
• review the recently enacted Economic Crime and Corporate Transparency Act 2023 (ECCTA) and consider how they can share information to counter money laundering, raise awareness and intelligence, and reduce MLTM risk.

The FCA saw good practice and progress in several financial crime systems and controls across larger and smaller firms.  

However, relevant firms need more focus and improvement to mitigate risk more rigorously and tackle the issues raised in the FCA's previous thematic review (TR19/4).

Key challenges include:

• transaction monitoring,
• knowledge of the UK Financial Intelligence Unit (UKFIU) MLTM SAR glossary code,
• information sharing,
• documenting CRA methods in enough detail.

Firms need to continue to review their systems, controls, MLTM awareness and training.  

Public bodies and firms need to work together to evolve and respond effectively to the threat of MLTM.

Using its supervisory work, the FCA will make sure firms are considering MLTM risks, and the points raised in this report to drive improvements and reduce risk across the markets.

The FCA will also encourage firms and third-party providers to innovate more, to tailor TM systems and alerts to capital markets.

The FCA will work with:

• industry and partners – to understand and share information on MLTM risks, issues, typologies and best practice,
• firms and other stakeholders – to find out if existing datasets can be better used to identify MLTM and allow more proactive supervision,
• the UKFIU – to make sure firms are using the MLTM SARs glossary code more effectively.

On 30 January 2025, the United Kingdom published the Financial Services and Markets Act 2023 (Digital Securities Sandbox) (Amendment) Regulations 2025.

Regulation 3 of these Regulations amends regulation 3(8) (appropriate regulator) of the DSS regulations to make further provision about who the appropriate regulator is in relation to certain ancillary FMI activities (as defined in regulation 3(6) of the DSS Regulations).

Regulation 4 amends Part 1 of the Schedule to the DSS Regulations by adding a reference to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (S.I. 2017/692).

Regulation 5 amends Part 2 of the Schedule by making minor changes to the existing modifications to the UK Central Securities Depository Regulation (Regulation (EU) No909/2014). The modifications require a digital securities depository to create and operate a “whistle-blowing” scheme to allow employees to report actual or potential infringements in connection with the digital securities sandbox.

Regulation 6 amends Part 3 of the Schedule. It disapplies section 20 of FSMA 2000 when an authorised person is carrying on FMI activities as a digital securities depository or ancillary FMI activities for what would otherwise be a contravention under that section. It also makes a?minor change to the existing modifications made to paragraph 21 of Schedule 17A to FSMA 2000.

Regulation 7 inserts a new Part 6 of the Schedule to the DSS Regulations and makes modifications to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (S.I. 2017/692).

The Regulations are coming into force on 3 March 2025.

On 9 January 2025, the United Kingdom published the Financial Services and Markets Act 2000 (Collective Investment Schemes) (Amendment) Order 2025.

This Order inserts a new paragraph 22 into the Schedule to the Financial Services and Markets Act 2000 (Collective Investment Schemes) Order 2001 (S.I. 2001/1062) (CIS Order). The Schedule to the CIS Order specifies the kinds of arrangements which do not amount to a collective investment scheme as defined in section 235 of the Financial Services and Markets Act 2000 (c. 8).

New paragraph 22 clarifies that arrangements for qualifying cryptoasset staking do not amount to a collective investment scheme. Staking is a consensus mechanism used by “proof of stake” blockchains. Blockchains are distributed ledgers on which various computers performing the function of “validator nodes” collaboratively enter and validate transactions to achieve consensus on the network’s state. Qualifying cryptoasset is defined by reference to the Financial Services and Markets Act 2000 (Financial Promotion) Order 2005 (S.I. 2005/1529).

The Regulations come into force on 31 January 2025.

On 16 January 2025, the Financial Conduct Authority (FCA) published a notification of certain material changes to a Recognised Collective Investment Scheme/sub-fund(s) subject to the Overseas Funds Regime (OFR).

This user guide will help:

• to notify the FCA of certain material changes to an already recognised OFR Collective Investment Scheme/sub-fund(s) (CIS).

This notification is appropriate for firms that meet the following conditions:

• Operators/ Fund Management Companies that wants to advise the FCA of certain changes to an already recognised CIS subject to the OFR.

On 31 January 2025, the Financial Conduct Authority (FCA) published its Handbook Notice no.126.

This Handbook Notice describes the changes to the FCA Handbook and other material made by the FCA Board under their legislative and other statutory powers on 30 January 2025.

Following consultation in CP24/11, the FCA Board has made changes to the Handbook sections:  COLL 5.2 and COLL TP 1.1.

In summary, this instrument makes changes to an existing rule that sets limits on the ability of a UCITS scheme to hold units of other collective investment schemes (“second schemes”). The rule aims to reinforce appropriate risk diversification in a UCITS fund of funds. The changes clarify how the rule applies to umbrella/sub-fund structures, and disapply the rule in certain situations where the investing UCITS scheme and second scheme are managed by the same firm.

This instrument came into force on 31 January 2025.

On 14 January 2025, the United Kingdom published the Financial Services and Markets Act 2000 (Ring-fenced Bodies, Core Activities, Excluded Activities and Prohibitions) (Amendment) Order 2025.

This Order amends the Financial Services and Markets Act 2000 (Ring-fenced Bodies and Core Activities) Order 2014 (S.I. 2014/1960) (Core Activities Order) and the Financial Services and Markets Act 2000 (Excluded Activities and Prohibitions) Order 2014 (S.I. 2014/2080) (Excluded Activities Order) to adjust the regulatory regime applying to ring-fenced bodies.

The Core Activities Order is amended:

• to allow a grace period of 12 months during which an account holder which has ceased to satisfy the definition of “relevant financial institution” can continue to bank with a non-ring-fenced body (article 4(1)(c));
• to introduce a four year transition period for UK deposit-takers which are acquired by a ring-fenced body (article 5(1)(c));
• to increase the amount of core deposits which may be held by a non-ring-fenced body from £25 billion to £35 billion (article 5(2));
• to permit UK deposit-takers to hold trading assets without becoming a ring-fenced body, provided that the value of its trading assets is always less than 10% of the value of its tier 1 capital (article 5(1) and (3)).

The Excluded Activities Order is amended:

• to allow a ring-fenced body to have correspondent banking relationships with more than one bank or other payment service provider (articles 8(1)(a)(i), (vii) and 10(1));
• to allow a ring-fenced body to have exposures to certain types of financial institutions which are SMEs (article 8(2)(b)(iii));
• to allow a ring-fenced body to hedge against longevity risk and mortality risk (articles 8(1)(a)(iv), (v), 9(1)(b) and 10(2)(c));
• to extend the range of assets which may be held by a sponsored structured finance vehicle of a ring-fenced body (article 8(3) and (4));
• to allow a ring-fenced body to acquire certain instruments issued by an issuer as part of arrangements for restructuring the debt of the issuer or a group undertaking of the issuer, to mitigate the actual or potential financial difficulties of the issuer or one or more of its group undertakings, whether or not a release of all or part of that debt forms part of the arrangements (article 9(1)(c) and (d));
• to allow a ring-fenced body to deal in investments to remedy or prevent the failure of a transaction due to error, or to test a new or changed product or service of the ring-fenced body (articles 9(1)(f) and 10(2)(e));
• to allow a ring-fenced body to invest in small businesses based in the United Kingdom directly or through certain funds or investment companies, subject to certain conditions (articles 9(3) and 10(2)(e)).

The Order also amends the Excluded Activities Order:

• to permit a ring-fenced body to offer inflation swaps (article 9(5)),
• to permit a ring-fenced body to sell foreign exchange collars to its customers (article 9(6)),
• to extend the range of transactions a ring-fenced body may enter into in the course of providing trade finance for its customers (article 10(3)),
• to allow a ring-fenced body to incur exposures to a relevant financial institution of £100,000 or less (article 10(7)), and
• to remove the prohibition on a ring-fenced body establishing a branch or holding an interest in undertakings incorporated outside the United Kingdom and the European Economic Area (article 10(8)).

The Order also makes other minor amendments to both the Core Activities Order and the Excluded Activities Order, including amendments to remove EU-related expressions which are no longer relevant to the UK.

The Regulations are coming into force on 4 February 2025.

On 14 January 2025, the United Kingdom published the Short Selling Regulations 2025.

These Regulations make provision about the short selling of shares and other financial instruments, and transactions which have a similar effect to a short sale. They replace Regulation (EU)236/2012 of the European Parliament and of the Council of 14 March 2012 on short selling and certain aspects of credit default swaps (which is to be revoked by section 1 of the Financial Services and Markets Act 2023 (c. 29) (FSMA 2023) once commenced). This instrument restates some provisions of Regulation (EU)236/2012 with modifications exercising powers in section 4 of the Financial Services and Markets Act 2023 (c. 29).?These Regulations also make provision under powers in Part 5A of the Financial Services and Markets Act 2000 (c. 8) (FSMA 2000).

Regulation 4 specifies certain activities under section 71K of FSMA 2000 as “designated activities” for the purposes of that Act.

Regulations 5, 6, 8 and 9 enable the Financial Conduct Authority (FCA) to make “designated activity rules” (as defined in section 71L(3) of FSMA 2000) relating to the activities specified in regulation 4, and to provide in those rules for exemptions or waivers. Regulation 8 also requires the FCA to publish a list of shares in relation to which it considers the rules apply.

Regulation 7 requires the FCA, for each working day, to publish the aggregate net short position held in the issued share capital of a company, calculated as provided for in regulation 7(2) and (3).

Regulation 10 allows the FCA to give directions to a person who is failing, or is likely to fail, to comply with a requirement imposed by virtue of Part 2 of these Regulations.

Regulation 11 enables the Treasury to make regulations designating an overseas jurisdiction for the purpose of the application of an exemption provided for in FCA rules made by virtue of regulation 9(1)(a).?Regulation 12 provides that each EEA state is to be treated as designated for this purpose.

Regulations 13 to 17 allow the FCA to impose measures in relation to the short sale of financial instruments, or transactions with a similar effect, in exceptional circumstances. Regulations 16(1) and 17(2) set out the conditions for the exercise of these powers. Regulations 18 to 20 require the FCA to publish a notice of the exercise of these powers, to review any measure imposed under these powers, and to publish a statement of its policy with respect to the exercise of these powers.?Regulation 21 allows the FCA to give directions to a person who is failing, or is likely to fail, to comply with a requirement, prohibition or condition imposed by regulations 13 to 15.

Regulation 22 sets out requirements on central counterparties relating to procedures and fines where sellers using those counterparties fail to settle transactions in shares.?Regulation 23 allows the FCA to give directions to a person who is failing, or is likely to fail, to comply with a requirement imposed by regulation 22.

Regulations 24 to 26 and Schedule 1 make provision about supervision and enforcement.

Regulations 27 to 29 make saving provision.

Regulation 30 and Schedule 2 make consequential amendments to other legislation. Other legislation will be revoked in connection with these Regulations in a commencement instrument made under the power in section 1 of FSMA 2023.

Regulations 1 to 6, 8, 9 and 11 come into force on 14 January 2025.

The remaining provisions of these Regulations come into force on 14 January 2025 for the purpose of enabling the FCA to give guidance or issue statements of policy.

On 14 January 2025, the United Kingdom published the Financial Services and Markets Act 2000 (Designated Activities) (Supervision and Enforcement) Regulations 2025.

The Regulations enable the Financial Conduct Authority (FCA) to supervise and enforce rules that it makes under the designated activities regime, which was introduced by the Financial Services and Markets Act 2023.

The Regulations extend the FCA’s existing supervision and enforcement powers under the Financial Services and Markets Act 2000 so they can be used in relation to designated activities. As a result, they allow the FCA to supervise designated activities by gathering information and launching investigations into persons carrying out designated activities, and to enforce its designated activity rules by publicly censuring or imposing financial penalties on persons that breach them.

The Regulations are coming into force on 14 January 2025.