Global regulation in 2021: reaction, reflection and a return to priorities
The year 2020 defied expectations and saw disruption to both financial markets and regulatory agendas. As the world recovers, 2021 is shaping up to be defined by continued regulatory reactions to the Covid-19 pandemic, and geopolitical changes such as the UK’s exit from the EU.
Regulators across the world, but particularly in the UK, will be reflecting on the effectiveness of various post-crisis regimes that have been tested by Covid-19. Finally, as the world slowly returns to normal in 2021, regulators have made clear that they will return to the priorities that were sidelined. This adds up to another extremely busy year for financial services firms.
Globally, regulatory developments in 2021 will include priorities which pre-date Covid-19 but have been materially influenced by the pandemic. The best example of this is the continued development of operational resilience regulations. The Basel Committee on Banking Supervision has recently consulted on global principles for operational resilience, factoring in lessons from the pandemic. Previously, one of the biggest risks was from the rapid adoption of new technologies. This has been exacerbated by the pandemic because institutions needed to move quickly to support customers in an unprecedented environment. Meanwhile, the UK, a frontrunner on resilience initiatives, will publish its final policy in the first quarter of 2021, setting out expectations for resilience in financial services. In Europe, the commission has also finally adopted its proposal for digital resilience, which requires a common set of standards to mitigate digital risks. We can certainly expect to see other countries following the global lead, and direction set by the UK and EU in this area.
The flurry of activity from multiple jurisdictions on climate risk in late 2020 indicates that this will be a key area of regulatory development next year. Building on work in 2019, the European Banking Authority has set out a multi-year action plan for addressing climate risk. In the UK, firms will have until the end of 2021 to implement their approaches, including making climate-related data disclosures. In Asia, the Hong Kong Monetary Authority has announced a green and sustainable banking initiative and published a white paper setting out initial expectations for management of climate risk. The Commodity Futures Trading Commission (CFTC) became the first US regulator to release a detailed position paper on climate risk, calling for global co-ordination in definitions and standards, and increased data sharing. The CFTC position has been backed by Janet Yellen, the expected new Treasury Secretary, confirming her intention to make climate risk a focus this year.
In the UK there will be no let-up for firms when it comes to expectations for the implementation of major EU regulatory initiatives in 2021. The main effort is likely to be on Basel III, the London interbank offered rate, the Capital Requirements Directive V and the Bank Recovery and Resolution Directive II. Beyond implementation we expect to see the UK regulators focusing efforts in three areas: reviewing effectiveness of existing frameworks; responding to the impact of Covid-19 on vulnerable customers; and setting a post-Brexit course for UK regulations.
The business plans for the Bank of England, Prudential Regulation Authority (PRA), Financial Conduct Authority (FCA) and the Treasury include reviews of the effectiveness of existing regulatory regimes, in particular the Senior Managers and Certification Regime (SM&CR), ring-fencing and Solvency II, as well as a review of the overall payments regulatory landscape. Each of these reviews could lead to consequential policy changes in 2021.
The FCA is likely to focus on supervisory and policy activity in direct response to Covid-19, in particular the protection of vulnerable consumers, ensuring fair treatment and protection from fraud. This will be most keenly felt in increased attention to financial crime controls. Last year saw an rise in fraud incidents and criminal activities moving online. Regulators will continue to want evidence that firms have systems and controls to detect, disrupt and reduce the risk of financial crime. They will encourage the use of technology to tackle risks of fraud. Additionally, the growth of digital and virtual banks and non-traditional platforms in 2020 is certain to lead to heightened regulatory scrutiny given the evidence that their control frameworks are not fully equipped to manage the variety of financial crime risks.
UK regime post-Brexit
Finally, undoubtedly a major area of focus for regulators in the UK will be on defining post-Brexit policies. The Future Regulatory Framework consultation confirmed that the UK will increasingly implement requirements via PRA and FCA rules rather than legislation. This approach will lead to a greater degree of flexibility, and it is likely the UK will look for opportunities to introduce greater proportionality rather than make wholesale changes to frameworks.
An early example of this is the plan to deliver a simpler prudential regime for small banks and building societies. In 2021, the PRA will take its first steps toward introducing a graduated regime for small deposit-takers, which could take inspiration from countries such as the US where credit unions have long been part of the fabric of financial services. Amendments to the Credit Union Act are also expected, enabling credit unions to offer a wider range of products and services. While such developments are unlikely to have a material impact on many existing firms, 2021 could be a year in which competition among UK banks begins to increase.
What does all this mean for financial services firms in 2021? A return to normal also means a return to large-scale implementation activity, while keeping track of shifting expectations from regulators as the understanding of Covid-19 and Brexit effects matures. More so than any other year, firms will need to be flexible and pragmatic in their approach to managing regulatory change.