April 2022
Regulatory Round-up - Q1 2022

In this edition we cover:

United Kingdom

  • Consultation on strengthening the financial promotion rules that apply to high-risk investments
  • FCA publishes MIFIDPRU remuneration guidance
  • FCA publishes guidance on new IFPR RegData reports
  • PRIIPs
  • FCA issues statement on financial sanctions measures in relation to Russia
  • FCA proposes changes relating to MIFIDPRU TP 7
  • ESMA publishes ‘call for evidence’ for regulating ESG rating providers
  • ESMA issues statement on supervisory expectations on tied agents
  • Transition to PRIIPs KIDS for UCITS managers
  • Data protection: the new international data transfer agreement and UK addendum


United States

  • SEC’s division of examinations publishes 2022 examination priorities
  • SEC proposes substantial changes to private fund regulatory regime
  • SEC proposes new cybersecurity rules for SEC registered advisers and funds
  • SEC proposes amendments to Form PF to increase oversight of private funds

Consultation on strengthening the financial promotion rules that apply to high-risk investments

The FCA issued its consultation paper (CP22/2) on 19 January 2022 to strengthen the financial promotion rules that apply to what the regulator considers to be high risk investments. The proposed changes focus on the following areas:


High risk investment categories: classifying investments into new categories with a focus on making certain marketing restrictions easier to navigate.


Consumer journey: improving the consumer journey to reduce the number of consumers “clicking through” and accessing high-risk investments without understanding the risks involved.


Section 21 Approvers: strengthening the role of “section 21 approvers” of financial promotions requiring that an approver takes reasonable steps to monitor the promotion’s continued compliance with FCA rules and that they collect an attestation of “no material change” from the promoter every three months during the lifetime of the promotion.


Crypto assets: HM Treasury has confirmed it intends to extend the scope of the financial promotion regime to include certain crypto assets. The FCA proposals focus on how these assets will be categorised once they are brought into the financial promotion regime.  


The period where feedback could be provided to the FCA on the consultation ended on 23 March 2022 and the FCA intends to publish a policy statement and final handbook rules in the summer. The FCA proposes to give firms 3 months from publishing final rules to comply with the new requirements.

FCA publishes MIFIDPRU remuneration guidance

The Investment Firm Prudential Regime (“IFPR”) was introduced by the FCA, for firms conducting MiFID activities, on 1 January 2022.


As a result, the Remuneration Codes previously applicable to MiFID Firms (such as the BIPRU and IFPRU codes) have been replaced by a new MIFIDPRU Remuneration Code.  Details of the new rules have been set out by the FCA in Chapter 19G of its Senior Management Arrangements, Systems and Controls Sourcebook (“SYSC 19G”).


To supplement the new rules and assist firms with the implementation of the MIFIDPRU Remuneration Code, the FCA released guidance on 13 January 2021.


The high-level guidance includes the publication of optional templates which firms may wish to use to demonstrate how their remuneration policies and practices comply with the new MIFIDPRU Remuneration Code.  In addition, reference is made as to how firms should apply proportionality and performance adjustment measures as well as reminding firms of their reporting requirements and disclosure obligations.


Firms are reminded that the new MIFIDPRU Remuneration Code applies to their first full performance period commencing on or after 1 January 2022.

FCA publishes guidance on new IFPR RegData reports

As a result of the introduction of the IFPR on 1 January 2022, MiFID Firms are subject to new regulatory reporting requirements.


The new reports include, but are not limited to, quarterly submissions of MIF001 (Own Funds), MIF002 (Liquid Assets) and MIF003 (Monitoring Metrics) regulatory reports.


To assist firms with the completion of these new regulatory returns, the FCA has published guidance notes in Chapter 9 Annex 2 of its Prudential sourcebook for MiFID Investment Firms (“MIFIDPRU 9 Annex 2”).


Firms are reminded that the first quarterly reports, for period ending 31 March 2022, are required to be submitted to the FCA by 3 May 2022.  Should you require assistance with your reporting obligations, please discuss this with your regular contact at Portman.


Following the delay last year, on 25 March 2022, The FCA published a policy statement (PS22/2) setting out amendments to the UK Packaged Retail Investment and Insurance-Based Products (PRIIPs) disclosure regime (PS22/2).


A Summary of the new rule changes are as follows:


• The introduction of rules to clarify the scope of the PRIIPs Regulation for corporate bonds, making it clearer with regards certain common elements exclude them from being defined as a PRIIP.

• The introduction of interpretative guidance to clarify what it means for a PRIIP to be ‘made available’ to retail investors. This includes a maximum denomination of £100,000 to allow exclusion from this rule.


The rules have been changes to amend the PRIIPs RTS to:


• Replacement the requirements and methodologies for presentation of performance scenarios in the KID (diagrammatically) with a requirement for narrative information on performance to be provided.

• Address the potential for some PRIIPs to be assigned an inappropriately low summary risk 

• The FCA has addressed concerns about certain applications of the ‘slippage’ methodology when calculating transaction costs.


The new rules came into force on 25th March 2022 and the transition period will be in place until December 31st 2022.

FCA issues statement on financial sanctions measures in relation to Russia

The FCA expects firms to have established systems and controls to counter the risk that they might be used to further financial crime and this includes compliance with financial sanctions obligations.  In addition, the FCA works alongside the Office of Financial Sanctions Implementation (OFSI), which has the power to levy civil monetary penalties for breaches of financial sanctions.


All firms should screen against the UK Sanctions List (which is updated continually) to meet these new sanctions measures and screen against the OFSI list of asset freeze targets for financial sanctions obligations.


You must report to the OFSI or FCA if you:  

• know or suspect that a breach of financial sanctions has occurred;

• if a person you are dealing with, directly or indirectly is listed;

• if you hold any frozen assets;

• if knowledge or suspicion of these come to you while conducting your business.


The FCA has expectations of firms’ systems and controls in relation to compliance with financial sanctions and these are set out in FCG 7 of the Financial Crime Guide.

FCA proposes changes relating to MIFIDPRU TP 7

The FCA published its second IFPR policy statement (PS21/9) in July 2021. Within chapter 14 of PS21/9, the confirmed that FCA investment firms and UK parent entities that were not subject to the UK Capital Requirements Regulation (CRR) immediately before 1 January 2022 would need to notify them under MIFIDPRU TP 7. These firms would need to notify us if they wanted to treat existing capital instruments as own funds under MIFIDPRU 3. The final rules required notifications from FCA investment firms under MIFIDPRU TP 7.4R(2)(b) by 1 January 2022.


The FCA is concerned that it received significantly fewer notifications than it anticipated. Further, it has also received a number of notifications after the deadline. The FCA therefore proposes to extend the deadline for TP 7.4R(2)(b) notifications until 29 June 2022. It will also update its guidance to help firms complete the notification.

ESMA publishes ‘call for evidence’ for regulating ESG rating providers

The European Securities and Markets Authority (ESMA) has published a Call for Evidence on Environmental, Social and Governance (ESG) ratings. The aim is to gather information on the market structure for ESG rating providers in the European Union (EU).


The Call for Evidence’s purpose is to develop a better understanding (on what is, they believe a largely an unregulated market) of the size, structure, resourcing, revenues and product offerings of the different ESG rating providers operating in the EU. The process is designed to address three target groups:

• ESG rating providers;

• Users of ESG ratings; and

• Entities subject to rating assessment of ESG rating providers.


Stakeholders were invited to submit their responses via the questionnaire by 11 March 2022 for ESMA’s consideration.

ESMA issues statement on supervisory expectations on tied agents

The European Securities and Markets Authority (“ESMA”), has published a supervisory briefing setting its expectations for firms using tied agents under MiFID II rules. The briefing is particularly relevant for third-country firms, including UK firms, that provide investment services and activities in the EU, or intend to do so in the future, through a tied agent of an EU firm.


Under MiFID II, a tied agent is a natural or legal person who, under the full and unconditional responsibility of only one firm on whose behalf the tied agent acts, “promotes investment and/or ancillary services to clients or prospective clients, receives and transmits instructions or orders from the client in respect of investment services or financial instruments, places financial instruments or provides advice to clients or prospective clients in respect of those financial instruments or services”.


The European regulator states that, during its increased monitoring of the use of tied agents following Brexit, it has found some practices that potentially circumvent MiFID II. It has said that EU firms should “avoid appointing a tied agent which is a legal person and whose employees involved in the provision of the activities on behalf of the firm (e.g., sale staff) are also at the disposal or under the control of other entities, including third-country entities.” ESMA believes that these third-country entities could “exercise inappropriate influence over the way in which a tied agent carries out the activities on behalf of the firm or may prevent the firm from effectively monitoring the activities of their tied agent.” ESMA highlights instances of potential inappropriate influence where individuals involved in the provision of the activities carried out by a tied agent are employed by a third country firm and seconded to the tied agent or operate under staff sharing arrangements. ESMA states “it is expected that tied agents have sufficient substance in the EU and do not mainly rely on resources based outside of the EU in the provision of activities on behalf of the appointing firm.”


As a result of the briefing, UK firms that use the tied agent model to operate in the EU post Brexit may find themselves under more scrutiny from EU based principal firms with a focus on the substance of their operations in the EU. EU firms that are considering appointing UK firms as tied agents can expect more scrutiny from the EU regulators. This means they may have higher expectations of UK firms, regarding substance and location of operations, before agreeing to appoint them as tied agents.  

Transition to PRIIPs KIDS for UCITS managers

In the EU (and EEA), the Undertakings for Collective Investment in Transferable Securities (“UCITS”) exemption from providing a Key Information Document (“KID”) under the Packaged Retail and Insurance-based Investment Products (“PRIIPs”) regulation is set to expire on 31 December 2022. This means UCITS management companies (and their distributors) managing UCITS funds marketed to retail investors will be required to provide a PRIIPs KID to those investors from 1 January 2023.


UK firms managing UCITS funds under delegation from UCITS management companies based in the EU should ensure preparations are being made to provide a KID from 1 January 2023 if those funds are marketed to retail investors.  

Data protection: the new international data transfer agreement and UK addendum

In Data protection law in the UK and the EU prohibits transfers of personal data outside of the UK or EU respectively unless adequacy or safeguards are in place before the transfer.  


Standard contractual clauses (“SCCs”) are one of the safeguards which can be written into the contract between the exporter and importer of personal data. SCCs attempt to require the importer to comply with key elements of data protection law that the importer is not subject to.  


Click the download link for full details. 

SEC’s division of examinations publishes 2022 examination priorities

On 30 March 2022, the SEC’s Division of Examinations (the “Division”) announced its examination priorities for 2022.


The Division confirmed that it’s priorities include:

• Private Funds: Specifically focussing on registered investment advisers (“RIA’s”) and conducting examinations which look at a variety of issues under the Advisers Act, including an RIA’s: fiduciary duty; risk management processes; compliance programs; fees and expenses; custody arrangements: fund audits; valuation processes; controls around material non-public information; and conflicts management and disclosures around these areas.  


• Environmental, social and governance (“ESG”) investing: Specifically focussing on whether RIAs are accurately disclosing their ESG investing approaches and have adopted and implemented policies and practices designed to prevent violations of the federal securities laws in connection with their ESG-related disclosures; as well as proxy voting approaches and how these align with the RIA’s ESG-related disclosures and mandates.


• Information Security and Operational Resiliency: Specifically reviewing firms’ business continuity and cyber security arrangements, examinations will focus on practices firms have in place to: prevent interruptions to mission-critical services; safeguard customer accounts and information; oversee vendors and service providers; address malicious email activities, such as phishing or account intrusions; respond to incidents, including those related to ransomware attacks; and manage operational risk as a result of a dispersed workforce.  


Other priorities for the year include retail investor protections; emerging technologies; and crypto assets.

SEC proposes substantial changes to private fund regulatory regime

On 9 February 2022, the SEC voted to propose a new set of rules and rule amendments under the Investment Advisers Act of 1940. If adopted the proposal would reflect a wholesale change to the regulation of private funds.  


Click the download link for full details. 

SEC proposes new cybersecurity rules for SEC registered advisers and funds

On 9 February 2022, the SEC voted to propose new and amended rules relating to cybersecurity risk management, cyber incident reporting and cyber risk disclosure under the Investment Advisers Act of 1940 and the Investment Company Act of 1940. The proposals apply to SEC-registered investment advisers (“RIAs”).


If adopted, the proposals would be a significant change to US federal privacy law. In summary, the proposals would:

• require RIAs to adopt and implement written policies and procedures that are reasonably designed to address cybersecurity risks;

• require RIAs to report “significant cybersecurity incidents” to the SEC within 48 hours of discovery, including such incidents related to the adviser or registered funds or private funds that the adviser manages;

• create enhanced disclosure requirements for RIAs regarding cybersecurity risks and significant cybersecurity incidents, including new requirements to file an amended Form ADV in the event of a significant cybersecurity incident; and

• require RIAs to maintain certain books and records related to cybersecurity.  


The SEC is seeking comments on the proposals which are available for public comment until 60 days from 9 February 2022 or 30 days from when the proposals are published in the Federal Register.

SEC proposes amendments to Form PF to increase oversight of private funds

On 26 January 2022, the SEC proposed amendments to Form PF.  By way of reminder, Form PF is a confidential reporting form required to be completed periodically by certain RIAs to private funds (typically those with at least $150 million in private fund assets under management).


The SEC’s proposals include the addition of a new section to Form PF which would require large hedge fund advisers (typically those with at least $1.5 billion in hedge fund assets under management) and private equity advisers to file a current report within one business day of the occurrence of one of several reporting events that indicate significant stress at a fund that could harm investors or signal risk in the broader financial system.


In addition, the SEC has proposed to amend the definition of a large private equity fund adviser, reducing the threshold from its current ‘at least $2 billion in private equity fund assets under management as of the end of its most recently completed fiscal year’ to $1.5 billion.


The period for comments on the SEC’s proposals closed on 21 March 2022.  Portman will continue to monitor developments in this area and will provide an update once the SEC publishes its final rules.